I couldn't think of any other good way of talking about this without flooding the forum in a bunch of different topics, so I decided the best option was to put this here.
Due to how many questions actually turned up in the end, I have decided to organize them so they're easier to answer. Feel free to use said organization. (Ex: A1 or A-1)
So obviously I've been on the forums a lot lately, and the reason why is that I've kind of been having an episode when it comes to the security of me and the family. They think I'm crazy for wanting to be so safe, but knowing what's been going on these past few years I don't really want to take any chances. It's been really hard for me to figure out what's safe and what's not when it comes to security and safety. I know there's plenty of sites involving these questions, but most of them tend to trigger Web Protection, stray off topic, or describe them in weird ways that may be unsafe. I'd really like answers to as many of these as possible, as it'll help me calm down more. Though I can understand if answering too many can be excessive. Hopefully all of these are really good questions to be asking, and maybe I ask some that have never really been thought about before.
[A] Involving Windows and PCs:
Should I be disabling things that I don't need / wish I didn't have that could be invading privacy, such as the Windows Store and Cortana?
Should I have a Microsoft Account enabled and synced on Windows?
Is it a bad idea to have the sync on when it comes to said account?
Besides antivirus, disk cleanup, uninstalling unused software, etc., what's the best way to keep the PC clean and protected?
Is it bad to have old data on the PC from things like old games and software? What's the best way to remove it?
Which is the safest solution to keeping a computer secure locally: PIN, Password, or Picture Password?
When it comes to PCs in general, is it safer to build it or to buy it pre-built to avoid bloatware, built-in adware, etc.?
Is Bluetooth safe to use on PC?
Using Bluetooth with headphones / headset, is it possible for trojans / spyware to intercept what I'm listening to / who I'm talking to?
Involving Mobile Devices:
Due to mobile devices being less restrictive when it comes to on-the-go apps, data, etc., what's the best way to keep the device secure from malware, spyware, etc. besides Malwarebytes?
I do not feel comfortable with the mobile device's camera. Should I cover it?
A device is a few years old it feels like it's slowing down and it's missing things like SMS and calls over a certain time, also certain notifications. Should I be worried that there's a security flaw?
What's a good way of cleaning a mobile device that doesn't involve a factory set, as to not lose all the data?
A family member has a lot of apps downloaded on their device, and seems to have an excessive amount of tabs open on said device. Though, when I scan it with Malwarebytes (Free) and Sophos, nothing shows up. Is there still a chance that malware and such is heavily embedded into the device?
Is there a way to block ads in-app like you can in a browser with something like uBlock?
Knowing it being a recent issue, Is there a good way of preventing interceptions with things like SMS and calls?
Besides Location (only turn on when I need to), what other settings should I keep off to keep me incognito from other apps and services?
Is it better to buy mobile devices from stores or from the official site?
I'm hearing notifications go off even though there isn't any when I open the screen. It is a known issue on some devices, however I've never had something like this happen with mine. Am I just going crazy?
Either from store providers or mobile companies, how do you fully remove bloatware from your phone?
What's the safest solution to keeping a mobile device secure on the lock screen: Knock Code, Pattern, Pin, Password, Fingerprint Scanner, or Picture Password?
[C] Involving Consoles, Smart Devices, Cable Boxes, etc.:
The Xbox One is a Windows-built console, and the PS4 tends to be very social. Obviously there's a possibility they can get malware and such, but whats a good way to remove said malware if the device is infected? Malwarebytes for Xbox One / PS4 when?
Xbox in general is a well known domain when it comes to hacking and hijacking, especially when it comes to Xbox (Microsoft) accounts. What's a good way to keep away from most hacks and hijacks, and what's the best way to keep a Microsoft account secure from hijacks on Xbox?
Ads are extremely excessive and invasive when it comes to the Xbox One. Is there any way to block them without doing anything shady?
Is Bluetooth safe to use in public areas?
Using Bluetooth with headphones / headset, is it possible for malicious passerby's to intercept what I'm listening to / who I'm talking to?
Due to recent events, how can you secure Smart TV's, Home Devices (Fire Stick, Chromecast, etc.), Printers, etc. from exploits via ports / connections?
Is it better to keep Smart TVs disconnected at all times?
What's the safest solution when it comes to using apps and services on other devices: Consoles, Home Devices, or Smart TVs?
Is there any way to block the sometimes excessive ads on Smart TVs and Hubs?
Some people are prone to leaving these devices on overnight or for extended periods of time, myself included. Is this a bad thing to do security-wise?
[D] Involving Accounts and Account Protection:
What's the safest solution when it comes to remembering passwords: Writing them down, a password manager, or a password encryption service (Where they make new passwords constantly, and supposedly only you have access)?
Certain sites like to opt in to use apps or services without consent and cause security risks, even if they are legitimate. How to I opt out / remove said apps or services?
[E] Involving 2FA:
What's the safest solution when it comes to an authenticator: Microsoft, Google, or Authy?
Although I have an authenticator on, there's still an option for me to use SMS to login. Since SMS can be intercepted, can this be a security issue?
Is it safer to have an authenticator on PC or a mobile device?
[F] Involving Web Browsing:
I want to stay anonymous on the web for the most part. Is there extensions to do so besides uBlock?
I wish to avoid accidental typos in the search engine, but it doesn't seem to automatically do it anymore. What should I do to avoid this?
Is it possible for a browser stealer to steal cookies and use them for malicious intent (account hijacking, spoofing, etc.)?
How do I know which news is legitimate and which ones are exaggerated / hidden ads?
[G] Involving Email:
Is it safer to use email on a browser or in an app?
Is it still possible to get viruses and malware just by opening an email?
Can opening emails on a mobile device in-app give me a virus or malware?
How do I keep excessive spam from being sent to an email?
Is it better to have a clean inbox, or have dated mail in case of certain situations?
[H] Involving IP, DNS, Router security and safety, etc.:
Although I have all settings on, I only see specifics in the log that may be hiding reasons why things are acting suspicious. What can I do or use to see the full traffic on the router?
What is the difference between a Proxy and a VPN? Please be descriptive.
Is it a good idea to have a Proxy / VPN on 24/7?
Is it a good idea to have a Proxy / VPN on the router?
What's the ideal way of keeping out exploits and such as to not have hijacks happen besides updating firmware, disabling UPnP, Remote Access, and updating the password?
I am seeing strange sites being allowed to certain devices in the logs that doesn't match up to the usual or secured traffic. Does this mean the router could be infected, or just a specific device(s)?
The router may be infected and I wish to factory reset, but the only computer is clear across the house and moving it could risk damage. What do I do?
I wish to have an Ethernet connection but I am across the house and I am unable to do any modifications to said house. What is the best option?
Is an Ethernet connection always safer than a WiFi connection?
Is it possible to have 2 separate connections (Not the same network, SSID, etc.) on 2 different routers and modems on the same line?
Is it possible for one router to get infected from another router, even though they're on 2 different modems?
Which is safer: Cable internet or Satellite internet?
Is it safer to use the ISP provided DNS, or an open DNS?
Involving Financial Security and Safety:
Is it a bad idea to have sites remember payment information, even if it involves subscriptions?
What's the best way to avoid skimmers and possible walk-by's with readers?
[J] Involving Data and Backup:
What is the best device to use when it comes to external backup of data?
Is OneDrive a good idea when it comes to storing personal data such as images and documents?
Is there any way to backup data on mobile devices that doesn't involve syncing?
Is it a bad idea to have Google backup a mobile device's data, such as settings, sensitive data, etc?
Is there a way to encrypt data fully when it comes to backups to where only I can decrypt it?
[K] Involving General:
Is it bad to be so worried about security all the time, even if I want to keep everyone safe?
Is it bad to be so paranoid, even when nothing is wrong security-wise?
Is it bad to check things like Security News and such daily if it only fuels my dilemma?
Involving the above questions. If so, should I think about taking classes for things like this, that way I feel safer knowing what's wrong and being able to help?
It's obvious that the family doesn't seem to care much about safety and security, and may be a reason why I'm asking all these questions in the first place. Should I have a meeting with them to talk about things like this so they fully understand, and so they stop pulling my hair out?
[L] Just Some Ideas Y/N:
Buildable phones. It'd be way cheaper, and you'd know what you'd have in your phone already. Y/N?
Multiple-Factor Authentication (MFA), specifically 3 or more, being more common. That way if they manage to get through one authentication via brute force, they still need to get through more. Not only this, but if an authenticator was first and they manage to brute force it, but they can't get past the second one in a specific amount of time, it'd require them to reenter a new authentication again which they obviously don't have. It could also work great with passkeys and fingerprint scans. Granted, it'd take more time out of your day. Y/N?
Automatically changing recovery codes. Some sites automatically disable attempts after a certain amount of tries, but there's still that what-if chance of brute force. Not quite sure how you could send them to the account holder though without potentially being exposed, however... Y/N?
2FA / MFA for payment sources online. Kind of hard to explain, but imagine if every purchase from an unknown IP or location was forced to use a specific authentication before you could purchase something, and not just your average 2FA from the site itself. I feel like it'd help out a lot when it comes to possible leaks and such, as along with this it could notify you when your card or account was used in an unknown location or IP before any damage happens. That way, you can have your card our account info changed or frozen if needed. I was also going to talk about doing this physically, but it seems like banks are slowly starting to roll out the feature on ATMs (finally). Y/N
Again, sorry for having so many questions. It's just that I want to be safe and secure in the end.