Tech survival guide
This article contains tips for using computers as effectively and healthily as possible. Tips that require technical expertise are marked with an asterisk.
One piece of general advice is to make changes to the way you use computers gradually. It’s best to change one small aspect at a time and keep the old and new ways going in parallel for a while. This prevents you from getting overwhelmed by too many large changes and also makes it easy to back out from a change that doesn’t work.
Another general principle is to treat computers as tools that amplify your capability rather than agents that replace it. For example, if you want to track your spending, it’s better to use a program that allows you to learn budgeting principles and create your own rules and analyses rather than a program that spits out dubious insights automatically.
It’s also useful to develop a sense for what kinds of tasks should be automated. In general, tasks that involve capturing, processing, or transmitting structured data should be automated. Tasks that involve unstructured inputs or outputs and tasks that require human oversight or communication should not.
Using computers
-
To protect your attention and stay grounded in the real world, don’t use computers for jobs that other tools can do just as well. For example:
-
Draft projects on paper before finishing them on a computer.
-
Use an alarm clock so you don’t have your phone in hand first thing every morning.
-
Keep a physical planner to manage your schedule. You can also take a hybrid approach by using a digital calendar for recurring or work events.
-
-
Create an ergonomic setup for prolonged computer work. This should include:
-
An adjustable ergonomic task chair and a desk that supports both sitting and standing. Remaining stationary for long periods of time, whether sitting or standing, is harmful for your body. Alternate regularly between sitting and standing while working. When standing, wear padded shoes or stand on a padded surface to avoid hurting your feet. You can also stand on a wobble board to promote movement.
-
An external monitor mounted on an arm so that its position can be adjusted to match your eye level. Using a mounting arm also frees up desk space.
-
An ergonomic mouse. Vertical mice are nice because you can use them without pronating your wrist, which is harmful to do for a prolonged period of time. Some people like trackball mice because they reduce the amount of physical movement you have to perform to move the cursor. Trackpads are another option that allow you to navigate with less physical movement. Avoid resting your hand on your mouse when you aren’t actively using it. Place your mouse on your desk in a way that allows you to use it in a natural position.
-
A keyboard that promotes good posture. The keyboard should be split so that you can use it with your shoulders back and down. It should also be tented so you can use it without pronating your wrists. Some people like ortholinear keyboards rather than traditional staggered keyboards because they allow your fingers to move in a healthier way. Avoid resting your hands on your keyboard when you aren’t actively using it. If you are writing prose, consider using dictation software rather than typing it out.
-
A well-lit workspace to reduce eye strain. Use a mix of natural light, warm ambient light, and warm task lights, and try to keep your environment at a similar brightness level to your monitor. Avoid glare or shadows on your monitor or workspace.
-
-
Take regular breaks during periods of prolonged computer work. Getting up to walk around and give your eyes a rest every 30 minutes or so reduces fatigue. On macOS, you can use my remindful app to receive periodic reminders to take a break.
-
Pick specific places in your home, outside of the bedroom if possible, for laptops and phones to live. Charge them there and try as much as possible to use them only in their places. This prevents feelings associated with computer use from polluting your home and also keeps you from ending up slouched on the couch over a device.
-
Use screens in grayscale mode to combat colors that seem more saturated and appealing than real life. You can configure your devices to make toggling grayscale mode easy, which is useful when switching to tasks that require colors. On phones, you can toggle the grayscale filter using buttons or automatically based on opened applications. On macOS, you can use my grayscale app to accomplish the same thing.
Files
-
To keep your files organized, name directories hierarchically according to their content and name files in the format
yyyymmdd-file-name.extension
, where the file name’s prefix is its creation date. This makes sorting alphabetically the same as sorting by creation date, so that you can maintain order and find what you’re looking for even if file metadata gets erased. The absence of spaces in file and directory names makes them easier to work with from the command line. It occasionally makes sense to name directories with a creation date prefix as well.Here is an example of this scheme:
. ├── documents │ ├── bills │ │ └── 20220923-water-bill.pdf │ ├── essays │ │ ├── 20221031-of-quick-or-slow-speech.txt │ │ └── 20230515-how-to-store-files.txt │ └── presentations │ └── 20221111-yak-shaving.pdf └── photos ├── 20220913-france │ ├── photo1.jpg │ └── photo2.jpg └── 20230603-spain ├── photo1.jpg └── photo2.jpg
-
Store your personal files in a single directory that doesn’t contain anything else. To protect against data loss, back up this directory in at least three places across at least two physical locations. As a start, you can keep one copy in your computer’s internal storage, one copy in external storage, and one copy in online storage. If you keep data in online storage, make sure it is encrypted first so storage providers cannot read it.
- (*)
rclone
is an excellent tool for automatically keeping copies in external or online storage up to date. It has support for encrypting data before uploading it to online storage.
- (*)
-
Configure your internal and external storage to use full-disk encryption so that nobody can view your data without a password. Set a firmware password so nobody can boot your computer from a disk that they control without knowing the firmware password.
-
(*) Automate your important operating-system and application-level configuration. Create a script that installs configuration files and toggles settings so that you can set up a new computer to your taste with a single command. Store this script and associated files in your backed-up directory.
Networking
-
Configure each of your networked devices to have a unique hostname without spaces. This makes it easier to identify and work with them.
-
On workstations, enable a firewall for incoming and outgoing network connections. The first time a new type of incoming or outgoing connection is attempted, you should be prompted to allow or reject it. This lets you understand and control your device’s networking behavior. On macOS, the system firewall works for incoming requests, and the excellent third-party app LuLu works for outgoing requests.
-
When using a laptop on the go, it’s better to tether your phone’s internet connection than to use public wifi. Badly configured public wifi exposes your device to other potentially malicious devices on the network. If you have to use a public network, you can mitigate the risk by using a firewall to block all incoming network connections. On macOS, you can block all incoming connections via the firewall settings page.
-
Instead of renting a router from your ISP for your home network, buy one yourself. You’ll save money and avoid having a computer controlled by a third party on your network.
-
(*) Install OpenWRT, a free operating system based on the Linux kernel, on your routers. Doing so gives you greater functionality for, control over, and peace of mind about your home network. You may want to take the following steps after installing OpenWRT:
-
Apply the settings recommended for your router model in the OpenWRT installation guide.
-
Set the router’s root password, disable SSH access from the internet, and force HTTPS for the LuCI web interface.
-
Set up your wireless networks using a good security protocol and password. You likely want to create a separate network for guests and untrusted devices that allows internet access but not access to any other devices in the local network. You can set this up by enabling the setting to isolate clients on the guest network and setting up appropriate firewall rules.
-
Install the Simple Adblock package to block ads at the DNS level for all devices connected to your router.
-
Install packages to enable using your router as a Wireguard VPN client or server.
-
-
Use Firefox for browsing the web. It’s the only major browser that is both open-source and developed by a non-profit organization. It is also the only major browser that is extensively customizable via configuration files. Install the uBlock Origin extension to block ads. Configure the browser to clear cookies and data on exit to limit tracking, and add exceptions for sites that you trust and use frequently.
- (*) Use the
user.js
file to configure browser behavior and theuserChrome.css
file to customize the interface. The arkenfoxuser.js
file is a good template for configuring Firefox to improve privacy and security.
- (*) Use the
-
Don’t use a work email account for personal communication. Doing so not only gives your employer access to your correspondence, but it can also make you dependent on their IT infrastructure for things like paying bills and accessing personal accounts.
-
(*) Register an internet domain and use it for your email address. This allows you to keep the same address for as long as you want and gives you independence from any particular email provider. I don’t recommend hosting your own email servers. It’s a lot of work and not worth the headache. The privacy benefits are also marginal, because the recipient of your messages is likely to be using a major email provider anyway. Use an encryption system like PGP to hide the contents of your messages from prying eyes. There are two good ways to host email for your address:
-
Pay a provider for a complete hosted email service. This option is easiest and most reliable, and the hosted email often comes with other services such as calendar, contacts, and file storage. However, it can be expensive.
-
Cobble together systems that allow you to send and receive email. This option requires more work and can be less reliable, but it is much cheaper. First, create a free account with some email provider. Then, configure settings with your domain registrar so that mail sent to your domain is forwarded to your newly created account. Many registrars offer this service for free. Finally, you can set up a very cheap SMTP service like Amazon’s Simple Email Service to send mail from addresses at your domain.
-
-
Give disposable email aliases out in situations that might lead to spam. You can then create a mail processing rule to automatically delete all mail sent to a particular email alias. If you have your own domain, you can create arbitrary addresses for this purpose. Even better, you could register a second domain specifically for spam that forwards mail to your primary address. For example, you might sign up for an account on the new social network Instaspam with the address
instaspam@myspamdomain.com
. If you have an address from a mail provider, you can use the provider’s aliasing system. With GMail this would look likemyaccount+instaspam@gmail.com
. -
Regularly back up your email, calendar, and contacts to local storage, so that if something happens to your mail provider you won’t lose data.
- (*) You can use
mbsync
for email andvdirsyncer
for calendar and contacts.neomutt
,khal
, andkhard
allow you to read and edit your local copies.
- (*) You can use
Passwords
-
Use a password manager to keep track of your passwords. You shouldn’t use the same password for any two services, so that if a malicious actor compromises one of your accounts they won’t be able to access any others. It’s not practical to memorize unique and suitably long passwords for all of the accounts we use these days. A good password manager is essential. Password managers generate and store as many random and arbitrarily long passwords as you need. The generated passwords are protected by a master password that you remember.
-
If you use a password manager that syncs your passwords across devices via remote servers, make sure that your passwords aren’t stored unencrypted on those servers. Also make sure that your master password is not transmitted to the servers.
-
(*) I recommend the excellent command-line password manager
pass
, also calledpassword-store
.
-
-
Even with a password manager, there will be a small number of passwords that you need to remember, such as your master password and the passwords to services that you want to access without your manager. For these, use simple but long phrases. They are easier to remember and harder for an attacker to guess than shorter passwords with complex special characters. For example, the password
this-is-an-example-password-with-additional-text-added
is better than the password3x4mpl3p4$$w0rd
. -
Enable two-factor authentication (2FA) for important accounts when it is offered. It prevents password compromise alone from granting a malicious actor access. A dedicated authenticator application is the most secure way to receive 2FA codes, followed by email and then text message or phone call. Keep 2FA backup codes in a safe place.
-
Write a letter instructing your loved ones how to access your passwords in case you are incapacitated. Keep it sealed and in a safe place.
Phones
-
Only use your phone for things it’s good at. Smartphones are extremely useful for certain tasks, which include sending and receiving real-time communication; recording pictures, audio, and video; playing back audio; navigation; providing an internet connection to other devices; and performing simple information lookups. However, using smartphones for things they aren’t good at is inefficient and can allow our digital lives to encroach on our physical ones. Things you shouldn’t do on a smartphone include reading, watching, or writing anything that isn’t real-time communication or directly relevant to your physical surroundings.
-
Don’t install apps on your phone for things it isn’t good at. This includes apps for watching videos, browsing social media, and reading the news.
-
Personal email correspondence is not real-time communication, so you shouldn’t have email on your phone. If you rely on email access from your phone for things like tickets, you can send them to your phone ahead of time or download specific apps to display them.
-
It is useful to be able to send short email reminders while out and about. To achieve this, you can configure your phone to send but not receive email. On iOS, you can set up a system account that has a valid SMTP configuration but a POP configuration with a bogus server, username, and password.
-
-
Only allow notifications for events that are important to handle in real-time. Examples of such events include calls, certain types of text message, weather alerts, transit updates, and credit card transaction approvals.
- If you’re afraid that you’ll miss out on things without notifications enabled, configure services to send you email updates and set aside some time during the day to intentionally check your email.
-
Don’t put work-related apps or accounts on your personal phone.
-
Keep your phone in a bag rather than a pocket when you’re out and about. This makes it harder to take it out reflexively.
Life online
-
Record useful or interesting information for yourself. The internet makes information extremely easy to access, but content stored there is liable to be changed or removed at any time. Take notes or save copies so that you don’t lose it.
-
Be skeptical of all digital content. It’s now extremely easy to make credible but fake writing, audio, images, and videos. Even genuine content is likely to be biased or low-quality. Use critical thinking and pay attention to where content is coming from.
-
Don’t give any company more information than it strictly needs to perform the service you are after. Even if a company asking for information about you has good intentions, which is unlikely, it may be technically incompetent or compromised by malicious actors in a way that leaks your sensitive data.
-
Avoid services that lock in your business by making it artificially difficult to transfer to competitors.
-
Be wary of scams. If someone makes contact with you on behalf of a company and asks for any sensitive information, then it is likely a scam. A good way to deal with these situations is to ask how you can make contact with them using an official company channel, like a known website, email domain, or phone number. If they can’t provide a way to do so, they are probably a scammer, and if they can, then the request may be legitimate.