Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Cybersecurity essentials:
- * use audited cryptography. do not roll your own. do not trust others that do (e.g., telegram).
- * harden your OS.
- https://wiki.archlinux.org/index.php/Security
- https://wiki.centos.org/HowTos/OS_Protection
- https://wiki.debian.org/Hardening
- https://wiki.gentoo.org/wiki/Hardened_Gentoo
- https://docs.fedoraproject.org/en-US/Fedora/17/html/Security_Guide/chap-Security_Guide-Basic_Hardening.html
- https://help.ubuntu.com/community/Security
- * encrypt your hard drive (full disk encryption, or FDE for short).
- standard LVM encryption is the best option and should be available when installing your linux distro.
- for a disk that is not part of your operating system, a portable drive for example, dmcrypt/LUKS is the best option but veracrypt is
- available on all platforms. keep in mind your installer may or may not encrypt your GRUB and there are several ways of dealing with
- that issue which are discussed in the Paranoid #! security guide linked in the introductory resources below. keep in mind disk
- encryption means nothing to an experienced attacker with physical access if you have not completely shut down your computer and
- wiped the RAM.
- * encrypt your emails.
- PGP is pretty much all we have, but it is all we need.
- https://www.enigmail.net/
- your metadata may still be collected. if you care about metadata, use a disposable email account or a trusted provider. suggestions
- include protonmail or cock.li.
- * encrypt your instant messages.
- for better or worse XMPP+OTR is still our best bet.
- https://otr.cypherpunks.ca/
- i would not depend on anything else. even if the crypto in other apps is theoretically sound, the implementation fails or the
- distribution method is inherently flawed. cryptocat is an unpopular, but good option. telegram, tox, and wickr are fucked. do not
- even bother. you might as well use skype.
- * use a local password manager (no cloud bullshit).
- any. it is better than what you are doing now.
- * strong passwords. make sure they are long and unique.
- https://www.xkcd.com/936/
- * do not reuse passwords. seriously.
- if you do, consider your password public knowledge.
- bypassing a login wall? sure. fuck it. who cares if someone else uses it.
- anything you care about? no. absolutely not.
- * better yet, use randomly generated passwords. the best password is one you cannot remember.
- https://www.grc.com/passwords.htm
- * your new search engine is duckduckgo or searx.
- https://duckduckgo.com/
- https://searx.me/
- * your new browser is firefox.
- be sure to go into options, then security, and uncheck block malicious content.
- https://www.mozilla.org/en-US/firefox/new/
- * modify some settings
- enter about:config into your url bar and apply the following modifications. do not bitch about there being too many options. that is the
- fucking point. you cannot even configure many of these settings in other browsers without modifying its source or building addons.
- https://pastebin.com/raw/T8TeepZP
- the changes listed above are unambiguous and unopinionated. you can go a much further than this at the expense of comfort and
- convenience. consider modifying some of the settings listed on https://github.com/pyllyukko/user.js/blob/master/user.js depending on
- the sacrifices you are willing to make for privacy and security.
- * now install your addons.
- required: ublock origin, https everywhere, noscript, blender
- https://addons.mozilla.org/en-US/firefox/
- * apply your filters.
- required: easylist, easyprivacy.
- https://easylist.to/
- * and test your results.
- https://panopticlick.eff.org/
- * do not use chrome. chrome is a closed source browser by a for profit corporation. firefox is an open source browser by a non-profit
- organization. use your head.
- * do not use chromium either. it may be open source, but it still phones home.
- * block malicious sites in your hosts file.
- https://github.com/StevenBlack/hosts
- * use an anonymous VPN. a paid one. without traffic logs.
- do torrent over VPN.
- * use TOR.
- do not torrent over TOR.
- https://www.torproject.org/
- * understand the difference between anonymity, privacy, and security.
- * read the resources paste to get started.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement