Yep, it's widely accepted to be secure, and more secure than WhatsApp. Many respected security professionals are using and recommending it.
Have a read of https://securitygladiators.com/signal-review/ and the linked reference https://signal.org/docs/
You’ve got a good start for sure. Use an email aliasing service such as AnonAddy and also always use a VPN. I recommend Mullvad. Use browsers that support anonymity and an OS that does the same. Most Linux OS’s will be best, but if you’re not a tech guy/gal, use Mac over Windows. Limit the apps on your phone to the bare minimum and also choose apple over android for your phone. If you really want to go all-out use a cell provider that supports privacy, which won’t be any of the main cell providers. There’s a lot more to this, but I think this is the bare minimum if you’re serious about this.
As a contribution to the SMB and IT community, I am making the kindle eBook Free again through Friday, January 21st, 2022.
https://www.amazon.com/Free-eBook-Cybersecurity-Midsize-Businesses/dp/B08CJZCJ79
Assume everything is compromised. Change your passwords to your email and bank account for sure, but anything else you can think of you used and logged into while unprotected. Look at using randomized long passwords with a password manager. Copy all your personal files to an external drive not old software installers though, as these could be modified, and wipe your machine and reinstall the OS. This is the only way to know for sure nothing is sitting dormant on the system. Try and use something like Privacy.com for vendor specific cards, or burner cards for one time use cards online.
First and foremost, NEVER SHARE YOUR PRIVATE KEYS AND NEVER ENTER THEM INTO YOUR PHONE/LAPTOP.
Use a protonmail account that is used exclusively for exchanges, and a separate protonmail email exclusively for crypto-related purchases.
E.g sign up for an exchange with and buy a cold wallet with .
For these email accounts, do not use any part of your real name when creating the username.
Use 2FA ( 2 Factor Authentication ) everywhere possible. If possible, only use TOTP rather than email or SMS verification.
Phishing:
When going onto an exchange website, make sure it's the real website, then bookmark it.
Phishing sites are designed to look similar enough to trick someone. Look at the URL to see if the domain has an incorrect spelling, or uses characters that look the same at a glance. For example, say you want to buy a Ledger wallet. Someone trying to phish people could create a site le*gd* or l*é* -----> Notice that the first example site makes a slight change in the spelling of the real site while the second example site replaces the character "E" with "É."
It's a tiny difference but extremely important.
Similarly, phishing sites may have the exact same name but with a different name, like using ".cc" instead of ".io" instead of ".com"
Also some sites allow creating an anti-phishing code, which is shown in every legit email from the exchange.
As for VPNs, IME ExpressVPN is very fast.
The operating system. If you do you can cut the communications (I.e. block the the ports that service is using). Then from there you can whitelist/blacklist the communications to that service. Although if there is malware on the computer, the best way to get rid of it is to wipe the OS and start from a backup from before the suspected time of the downloaded malware.
Also here's a link for the setting it up with a lot of security features. Sometimes a quick google search is your best friend. https://ngrok.com/docs
If I wanted to be really secure, I would use something like Windows Remote Desktop over an SSH tunnel.
Then I'd use an app like this one for connecting.
There are a lot of articles on how to achieve this on Windows.
For a messenger app, you can use Signal
​
For Search engine you can use DuckDuckGo
​
For your Email you can use ProtonMail
​
For a VPN, you can use ProtonVPN
​
(
optional: Use Tor, If you want a better security and anonymity
)
​
And I think that's it… You're quite ready
Malwarebytes is great and you could use NordVPN. They are fairly good and decently priced.
Generally don’t write passwords down. That’s the worst idea. Make them things you WILL remember.
“My Favorite Team is XYZ!” “I Like Dogs and N0t C@t$!” “I P00ped Myself When I Was 21:(“