-
-
Notifications
You must be signed in to change notification settings - Fork 76
Security training: Individuals versus Assholes with Resources
Wiki ▸ Security culture ▸ Persona-based training matrix ▸ Security training: Individuals versus Assholes with Resources
Attackers | ||||
---|---|---|---|---|
Random Assholes | Assholes with Resources | The State | ||
Defenders | Individuals | Individuals vs Random Assholes | Individuals vs Assholes with Resources | Individuals vs The State |
Organizers and Journalists | Organizers & Journalists vs Random Assholes | Organizers & Journalists vs Assholes with Resources | Organizers & Journalists vs The State | |
Targeted Activists | Targeted Activists vs Random Assholes | Targeted Activists vs Assholes with Resources | Targeted Activists vs The State |
Before you dive too deeply into this practice material, you should first explore the following lower-hanging fruit in the following order:
- Firefox: Enable punycode in International Domain Names (IDN) display to thwart phishing
- Audit/revoke your social network account "Connected Apps" settings for apps you don't use
- Possibly put a credit freeze on your credit line at the four major credit bureaus. Follow these instructions.
- Turn on "automatic updates" for software you use.
- Don't click on links in emails you didn't solicit yourself; when you get an email "from PayPal" asking to verify your account close the email, open a Web browser yourself, and manually type
paypal.com
into the address bar, yourself, don't just click the link.- Use DKIM Verifier for Thunderbird to further test that email you receive is authentic (and not spam or phishing scams).
- turn off "show remote images/content" and other "preview" features in your mail, RSS reader, etc apps
- Turn off auto-play on videos, etc.
- Adblockers (uBlock Origin, etc.)
- Clear cookies (cookie-clearing/whitelisting plugins)
- Signal (because of authentication, not just for encryption)
- Tape or a sticker over your webcam to frustrate video recording. (Cheap and easy!)
- Take a headset (headphones + microphone), chop off the wiring below the sensors, and plug that in to your headset jack to frustrate audio recordings.
- Avoid transmitting or storing sensitive info such as credit card numbers on old devices that you can't keep up-to-date, use a different device for that
- Check or double-check the HTTPS lock icon's exact fingerprint for important sites like PayPal or Facebook
- When charging your devices over a USB connection, use a USB "condom" (data blocking adapter) to ensure only power flows into (or out of) the device
- Enable DNS over TLS support in your client devices, if available.
- DNS over HTTPS (TRR-DoH) instructions for Firefox.
- Install and enable the 1.1.1.1 app for DNS-over-TLS or DNS-over-HTTPS support on Android and iOS devices.
- If you use the Chrome Web browser, enable strict site isolation.
- Use a client-side encryption tool (Cryptomator, etc.) for storing your files in cloud services such as Google Drive or Dropbox.
- If running Windows, disable the Windows Platform Binary Table (WPBT) by making a registry edit that turns off this insecure feature.
The NYC chapter of the Anarcho-Tech Collective provides technological and digital infrastructure support services to anti-fascist, anti-racist, and anti-capitalist organizations in New York City. See our Activities and events page for details. Read our Welcome guides to get involved.
We appreciate your support to help us do what we do. If you have the means, please donate BitCoin to 17ByVbkM6mf7bytqWRFwzjqradBkmVh4Tr
.
Found an error in these pages? Please let us know by submitting a new issue ticket.