following the Snowden events here is what everyone can do to increase privacy/security and prevent man-in-the-middle attacks:
– otr encryption / GPG email / chatsecure / signal
– password manager and a strong password policy
– 2-factor authentication
– full-disk encryption
– use a password manager like keepass/pass/keepassx as long as you don’t re-use the same email and password for everything.
– use 2-factor authentication just in case. Google authenticator and Duo security are free and easy to install. Again, it’s an extra step that makes it difficult to track you or your habits
NOTE: This may actually not help you to stay anonymous as you will have to provide a number or server where your “token” comes from. But 2-factor can also mean you have to have the server password and the right SSH key.
– use full-disk encryption for all your drives. Most current linux distributions can automatically set up LUKS partitions inside LVM – as long as your CPU is not too crappy you will barely notice the processing delay.
Bonus points: Run your web server with a valid certificate like the ones from let’s encrypt. Free! :)