Minding your digital security amid terror law



MANILA — As terror law takes effect, our digital security is at stake. Community journalists, artists, writers, activists and dissenters are not spared from the law’s dangerous provisions such as surveillance.

Critics pointed that the Anti-Terrorism Act violates citizens’ constitutional right to privacy as surveillance and wiretapping are allowed.

In a time of pandemic where being online has become part of the norm, how do we guard our safety?

Here are some cybersecurity tips and best practices from digital security expert, Tom Banaria.



Mobile security


  • Use strong password

  • Regularly update operating system, third party softwares, browsers

  • Use secured browser such as Brave

  • Uninstall irrelevant apps

  • Separate work and personal phones

  • To review permissions you allow your apps, visit https://appwatcher.com






E-mail security

  • Use end-to-end encrypted mailing applications such as Protonmail and Tutanota.
  • Use Gmail for non-sensitive communication and remember to read and understand privacy policies.
  • Do not open an email with the suspicious subject line – it might include a virus or malware
  • Do not open attachments from an email address that you don’t recognize
  • Use separate work and personal email
  • Delete browser history and cache when accessing email from a public computer
  • Be careful about what types of information you put into writing and who you email


Website security


  • Always connect to a VPN for secure and private browsing
  • Avoid connecting to public wifi.
  • Always be vigilant on your online activities- cybercriminals are lurking around the internet and using different devices that may phish your data.
  • Implement https on your website.
  • When accessing the website as a user, use the https plugin
  • Use of HSTS for your website



Facebook security

1. Use strong passwords

Passwords are your first layer of security. To secure your Facebook account, use strong passwords consisting of phrases or random words. Remember, do not use your birthday, maiden name, or any basic information that can be easily guessed by attackers. There are available password generating apps and vaults which you can use like Bitwarden and KeePassXC.

2. Enable two-factor authentication

Two-factor authentication is a security feature that helps strengthen the security of your account in addition to your password. If you set up two-factor authentication, you’ll be asked to enter a special login code or confirm your login attempt each time someone tries accessing your account from an unrecognized browser or mobile device. Here’s how:

Go to your Security and Login Settings

Scroll down to Use two-factor authentication and click Edit.
Choose the security method you want to add and follow the on-screen instructions.
When you set up two-factor authentication on Facebook, you’ll be asked to choose one of two security methods:

You’ll need to have at least one of these set up to use two-factor authentication. Once you have added either text message (SMS) codes or a third party authentication app on your account, you’ll also be able to set up some of the optional methods below:

  • Approving your login attempt from a device we recognize
  • Using one of your recovery codes
  • Tapping your security key on a compatible device

Too much to handle? Worry no more! There is an app called Authy which can help you with authentication!

Most importantly,

3. Log out sessions

Log out your sessions now and then to remove traces of location. It is also important to use a VPN for secured browsing.

4. Change passwords regularly

It is advisable to change passwords every three months

5. Avoid connecting third-party apps or sites to Facebook accounts

Allowing third-party apps to access information through Facebook is as harmful as giving hackers your password.

6. Review Facebook security and privacy settings tools.

Always get control over what people can see on your Facebook profile these with these:

  • Make your activities and posts limited to friends. Review settings and ensure that your posts are only seen by friends unless intended to be a public post.
  • Review posts that you are tagged in. Review and filter posts that people tag you.

If all else fails, leave Facebook. Facebook with million users remains one of the largest hoarders of personal data.

How to prevent zoom bombing

Do not share your meeting ID in public– One way to prevent zoom bombing is to keep your Meeting ID private. When holding a public discussion, it is helpful to filter participants by creating an RSVP. Meeting ID may be shared through secured e-mail, such as Protonmail.

Customize Meeting Password– Zoom can automatically generate a password for meeting rooms. However, auto-generated passwords are vulnerable to attacks. One option is to customize it. Click here to know how.

Limit screen sharing– When screen sharing is provided to “all,” any participant who enters the virtual meeting room can play images or videos to the rest of the participants. This can be used to project any harmful and violent content.

In the advance setting, check the option that only the meeting host can share the screen.

Turn off annotation– Host and participants have the privilege to doodle and mark up content together using annotations. To prevent trolls from writing all over the screen, disable the annotation feature in your Zoom app.

Kick them out– When participants are still not following the community guidelines set, they may be kicked out. Go to the Participants pane, hover on her or his name, and choose Remove. Those kicked out from the Meeting Room cannot rejoin.

If all else fails, Jitsi, a more secure teleconferencing app, may also be used.

As Duterte ignores the call of the public to junk terror law, expect that in the coming days, more casualties of this de facto martial law will increase. We shall not falter, we will fight back.


Important links:

AUTHY: https://authy.com/download/

KEEPASS: https://keepass.info/download.

BITWARDEN: https://bitwarden.com/#






Share This Post