The most common way for internet sleuths to doxx you is by identifying reused usernames or emails. Never reuse a username. Turn it into an improv game where you get better at coming up with usernames on the spot. Use throwaway emails when possible.
Also, I would add a section on threat modeling. None of this stuff is anything you can adopt all at once overnight. It’s a gradual process that will drive you mad as you learn more about how impossible it is to keep your setup “pure”. Threat modeling is important because it turns your vibe-based assessments and anxieties into tangible goals. What do you want to protect? How might it be attacked? How can those attacks be mitigated? Are those mitigations worth their costs?
The most common way for internet sleuths to doxx you is by identifying reused usernames or emails. Never reuse a username. Turn it into an improv game where you get better at coming up with usernames on the spot. Use throwaway emails when possible.
Also, I would add a section on threat modeling. None of this stuff is anything you can adopt all at once overnight. It’s a gradual process that will drive you mad as you learn more about how impossible it is to keep your setup “pure”. Threat modeling is important because it turns your vibe-based assessments and anxieties into tangible goals. What do you want to protect? How might it be attacked? How can those attacks be mitigated? Are those mitigations worth their costs?