While connectivity has improved and continues to improve in pockets of the country it is no secret that Venezuela’s Internet is highly monitored and censored.
Navigating to sites that are critical of the government is not possible without some DNS trickery and many US sites that people need to navigate to get on with their daily lives in Venezuela are blocked due to US sanctions.
On top of this, because of the over-reliance on services like WhastApp and Zelle, bank frauds are rampant. The constant WhatsApp messages trying to trick you into giving your personal details was something I didn’t expect when I set up my local mobile number, nor the number of reports from friends and friends of friends who lost access to their US bank accounts or got some money stolen from their accounts via wire transfers.
Being the “computer guy” among my friends and family, I’m often asked “What can we do about this?". While there is no silver bullet to online safety, what follows are my usual recommendations.
Accessing blocked sites and USA sites
The simplest but weakest method of accessing some government blocked sites is to change your DNS configuration to use a trusted DNS resolver (Google’s 22.214.171.124 or Cloudflare’s 126.96.36.199) or a local resolver (this requires more advanced sysadmin knowledge). Cloudflare has very thorough guides on how to change your DNS . If you’re going to do this at home I recommend you do it in your router so that you don’t need to do it on each device separately.
The best way to circumvent any blockade and to access USA sites which are blocked because of sanctions or geo-location is to use a VPN service.
While I’ve argued that you don’t really need a VPN to protect your privacy as most VPN services still leak your data or track who you are, these services are very useful to bypass geofencing and other blocks.
After testing many VPN providers I settled for NordVPN due to its good mix of reliability and ease of use. Mullvad came in second and I recommend it for those more privacy conscious but in my experience it’s less reliable and has less connection options.
How do you use NordVPN? Install the desktop and/or mobile app and make sure to select a USA connection before browsing the Internet (you can also install configure the VPN connection at your router level but this is more tricky and not always worth it). Once a connection is established you’ll be able to navigate to any site as if you were connected from within the USA.
Passwords are ubiquitous. They’re both the most common and at the same time the weakest security feature most online accounts have so it is uber-important that we take care of our passwords properly. My rules for passwords are:
- Avoid writing them down in pieces of paper you keep in “secured” locations around your house or office. This is the easiest way for someone to get access to your accounts.
- Use a Password Manager especially if you share passwords with friends and family. It is very common to share Netflix, Amazon, etc. passwords with your loved ones and unless you’re using a password manager you’re probably sharing them over WhatsApp, email, or through pieces of paper. Again, it is very easy for an attacker to get ahold of one of your passwords. Password managers are a great tool to ensure that your passwords are secure enough (see next point).
- Never use the same password for multiple accounts. It suffices for one account’s details to be leaked to have all your accounts compromised.
- Use long passwords. The longer the password the harder it is for a machine to guess. Ensure your passwords are at least 14 to 16 characters long. Less than 14 characters and a fast computer might be able to guess it in a few hours or days.
- A rule of thumb is to choose memorable words or phrases and paste them together. For example
toyotadiskteabananas. ( Another advantage of a password manager is that it will generate or recommend these for you).
- Do not bother replacing characters for numbers. Letter <> numbers swaps are very common and intuitive (for example changing an i for 1) so it is very easy for password crackers to encode this in their programs and guess your passwords anyway.
Use Two-Factor Authentication (2FA)
Two or multiple factor authentication refers to those extra steps you need to take to verify your identity after you’ve already performed an initial authentication step (typing your password). In most cases 2FA is done via and automated email or SMS that contains a code that expires after a preset amount of time (usually 10 minutes).
As a first step make sure all your accounts or at the very least your most important ones (your email and bank account) use 2FA.
Avoid using SMS 2FA if possible. This will save you issues especially when traveling abroad. Email is good for 2FA but only if your email account is already secured (see below).
My preferred method is to use a hardware (as in physical) security key. A security key is a small device that you connect via NFC or USB and is able to generate the 2FA codes for your accounts. This method is the most secure because it requires to have the physical device with you.
Protect Your Email
Last but not least is to ensure that your email account is secured.
Your email is your de facto internet identity and that is not going to change in the near future. So the least you can do to protect your online life is to ensure that your email account is as secured as possible. This means, at the very least, using a unique and strong password and activating 2FA.
But you should go even further. My recommendation is to create a dedicated email address that you keep secret and that you only use to log in to your most sensible accounts (like your bank accounts). Or if you’re an Apple fan, you can use their free “Hide My Email” service. When you use this service, Apple generates a new random email address that you can use anywhere and all the emails are forwarded to your true address which only Apple knows about .
- Change your DNS and use a VPN to access blocked sites
- Use strong passwords and 2FA wherever possible
- Protect your email at all costs