Our privacy is in danger

Image for post
Image for post

Cybersecurity and Privacy

AI

And then you have AI that is learning your every movement.

How to fight?

I have been researching this topic for at least 10 years now, and I want to share some of my knowledge here. I’m no Infosec but just very passionate about. Some of the below is used by chinese protesters, russian freedom journalists or oppressed groups.

Internet

  • Never reuse passwords, and change them on a regular basis, especially the ones that you use frequently, since any malware attack on a website could expose it.
  • Never reuse online usernames, and keep online identities separate as well, and compartimentalized.
  • Use temporary emails
  • If you have public Wifi access near you then you should use those often but only through a VPN + HTTPS connections, since Wifi’s can definitely be honeypots, so heavy encryption is needed there. You should also randomize your MAC address when using Public Wifis for extra privacy.
  • Only Firefox or GNU Icecat, Firefox might also need some hardening. Use these addons uBlock Origin, Privacy Badger, HTTPS Everywhere, ClearURLs
  • Get a good VPN for regular browsing but remember to buy one. And buy one from a company that is not registered in your country. Why VPN is not enough or Tor Browser or I2P for extra privacy.
  • Get a good FOSS firewall, like ufw (gufw), and block all incoming connections, block any outgoing port except 80 and whatever your system might use for synching and update checks, enable them on a need basis, otherwise block every unused port.
  • Get a good router, preferably one that can use openwrt, and reflash it with a FOSS firmware, and connect to the internet only through the router, and configure it the same way, enable all DDOS protections on the router, block unused ports, IP and MAC filtering if necessary and all other security features if it has. I would also disable WIFI, bluetooth and whatever other radio systems it has and only use WAN cables to connect to the internet. Otherwise anyone near your house could hack it.
  • A good password manager like KeepassXC, you can also keep a list of bookmarks there, but I prefer with Firefox’s bookmark bar which can be exported/imported.
  • Deploy a Docker within a browser

Phone

OPSEC

PC

  • Have 2 PCs. One for your gaming/fun and one for business. Never mix the two, never use the same USB or SD cards. I would personally get a computer with EFI support and change it int the BIOS to EFI instead of UEFI. So for laptop a Thinkpad X series would be good or other ones that support coreboot. I would also get a Raspberry Pi 3 as a backup computer, it has ARM CPU and it’s more open source than regular desktop PC’s, and it can be a good backup one for various reasons and can also be used as a flashing station if you choose to go with the Libreboot road.
  • OS: I would only use GNU/Linux based operating systems on the privacy computer. So just use a good enough and open source Linux Distro.
  • For General Purpose OS:
  • Debian
  • openSUSE
  • Manjaro
  • Fully Open-Source OS
  • Extra Privacy & Security:
  • Tails
  • Alpine Linux
  • Linux Kodachi
  • Qubes OS
  • Whonix
  • Backups: For backups I would never use the cloud, today’s encryption standards might be broken with quantum computing, and most cloud providers store your data forever and hand it to the government and data brokers. So if possible avoid the cloud, but if you want to go with a reputable cloud provider, then still encrypt your data multiple times with different passwords and then upload it. I recommend Veracrypt for creating encrypted containers where you can put your sensitive data on it, and another layer of encryption with GnuPG with a different password, just to be sure. So you make a VC container with 1 password, put all your files in there, close it, and then encrypt the VC file with GPG again with a different password. Instead of using the cloud, I would buy a bunch of MicroSD cards and put it on them. So get like 10 SD cards, copy your backups on them, and hide them around your house, or possibly at your parent’s house or relative’s house if you fear that your house can burn down or flood or destroyed by earthquake.

Call me what you want, pessimist, realist, Stoic, but at least look at the facts

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store