| Latest revision |
Your text |
| Line 1: |
Line 1: |
| == First Disclaimers ==
| |
|
| |
| * Proprietary vs Open Source Code - While Open Source Code is not necessarily more secure than proprietary code, one thing is clear: You as a user can't know whether proprietary code is secure, because unless you sign a Non-Disclosure Agreement, all you can do is to trust the promises of the developer/manufacturer. In addition, proprietary code is obsolete the moment the manufacturer abandons it: open source code can at least be updated by volunteers afterwards.
| |
| * Driver Backdoors - Unfortunately, most ARM devices use proprietary drivers which not only hold the system back from updated Linux kernels, but also could hide backdoors within.
| |
| * ARM Trustzone - Even without a baseband, this piece of proprietary system inside every modern ARM smartphone can be a threat.
| |
| * Hardware Backdoors - If a high level hostile actor (a government or a corporation) gets direct hardware access to your device through various means, don't expect your protections to hold up for long.
| |
|
| |
| This is why you should avoid smartphones entirely if you are under scrutiny from a powerful targeted threat, from a government to even a wealthy corporation or hacking group.
| |
|
| |
| == Before you start == | | == Before you start == |
|
| |
|
| The first step is to understand what sort of targeted threats you might face, before you figure out what kinds of vulnerabilities to patch. Targeted threats are actors who are specifically threatening you and your data directly. They do not necessarily encompass random attacks, though in the case of cryptocurrency they might as well be the same. These are questions that can help narrow down what you need. | | The first step is to understand what sort of targeted threats you might face, before you figure out what kinds of vulnerabilities to patch. Targeted threats are actors who are specifically threatening you and your data directly. These are questions that can help narrow down what you need. |
|
| |
|
| * '''Are you trying to generate encryption keys or secure large amounts of cryptocurrency?''' - Securing cryptocurrency and (to a lesser extent) GPG/SSH or other private keys is the most important legitimate use case that demands the utmost paranoia. You are your own bank and security guard in this case: however, there are ways to do this with the utmost security. | | * '''Are you trying to generate encryption keys or secure large amounts of cryptocurrency?''' - Securing cryptocurrency and (to a lesser extent) GPG/SSH or other private keys is the most important legitimate use case that demands the utmost paranoia. You are your own bank and security guard in this case: however, there are ways to do this with the utmost security. |
| Line 23: |
Line 14: |
| ** Avoid any Chinese-designed Androids entirely. They often come built in with invasive apps, some of which may have backdoors for the government. Even if you install a custom ROM, backdoors could exist at the hardware level. | | ** Avoid any Chinese-designed Androids entirely. They often come built in with invasive apps, some of which may have backdoors for the government. Even if you install a custom ROM, backdoors could exist at the hardware level. |
|
| |
|
| === Service Provider Leaks ===
| |
|
| |
| Although the day-to-day probability of having your own home network hit is low (unless you explicitly or inadvertently allow them in), the probability of attackers breaking into large service providers that could leak your data and grab data from your devices at the highest level is unfortunately significant.
| |
|
| |
| Although tech focused companies like Google, Amazon, and Facebook tend to have very competent security systems, government, corporate, and financial systems are unlikely to be as focused on security and can be very vulnerable to data leaks. The recent leaks of Target credit cards, US Government background checks, the Ashley Madison leak, and Equifax credit report data have been especially damaging to implicated users out of no fault of their own.
| |
|
| |
| There often isn't much that you yourself can do to stay outside of these databases and services, other than not use them. Sometimes it isn't even legitimately possible to avoid becoming part of a database, such as in the case of Credit Reports in the US, which are often checked just to get a job or a car, especially as they act as surrogates for a US National ID. Legislation must be made to force non-compliant businesses to abide by good security practice, or allow users to opt out, since otherwise there is little incentive for a non-tech focused company to do so.
| |
|
| |
| * '''Freeze your credit history.''' One powerful method in the case of credit history is to [https://krebsonsecurity.com/2015/06/how-i-learned-to-stop-worrying-and-embrace-the-security-freeze/ freeze your credit report] so that it is not accessible unless you consent to it. Many states in the US allow credit history to be frozen at will for free: unfortunately, other states allow them to charge a $10 fee, but even then the benefits may outweigh the costs. You can then unfreeze anytime at will when a major credit event is coming up, such as a new credit card, job application, new loan, etc: then just freeze back again.
| |
|
| |
| === Random Acts of Hacking ===
| |
|
| |
| If none of the above apply to you, you're still at threat of random attack events, whereby an attacker from anywhere on the internet obtains or hijacks your machine, identity, or accounts after achieving an exploit in your network, device, or service provider.
| |
|
| |
| == Devices to Use ==
| |
|
| |
| There are three levels of classification that we abide by for information, as inspired by US Government information protocols.
| |
|
| |
| * Top Secret - Grave danger to your person, your livelihood, or that of your friends and family.
| |
| ** Public/private keypairs - HTTPS certificates, SSH/GPG signing and authentication keys, cryptocurrency wallets
| |
| * Secret - Possibility of harm to your person, your livelihood, or that of your friends and family. Generally, information that the government knows (such as financial information) is considered Secret rather than Top Secret.
| |
| ** Your location, your address.
| |
| ** Account passwords.
| |
| * Confidential - Embarassment, deanonymization, or possible risks to your person, your livelihood, or that of your friends and family.
| |
| ** Contact information, usernames
| |
| ** Unfortunately, if your personal data has been publicly leaked online, consider it only confidential.
| |
|
| |
| Due to the prior possibility of backdoors, you should not consider smartphones to be suitable for Top Secret information. If you have no other choice (such as an emergency situation), try to mitigate your risks by sharing data only through means and services your adversary might not have or be able to compromise in time.
| |
|
| |
| === Top Secret ===
| |
|
| |
| * Devices: Open Source Hardware only: Libreboot laptops, Beagleboard, Raspberry Pi without VGA Blob.
| |
| ** No smartphones are allowed. The proprietary baseband and unlocked bootloader could have unlimited access to your RAM and your storage.
| |
| ** They're not going to be the best devices ever, and maybe not even the ones you use each day, but at least they're something you can trust.
| |
| * Operating Systems: G. Reproducible builds if at all possible.
| |
| * Networking: Onion Networks, i2p or Tor (hidden services only!!!)
| |
|
| |
| === Secret ===
| |
|
| |
| * Chat: Encrypted chat and email.
| |
| * Networking: HTTPS encryption
| |
|
| |
| === Confidential ===
| |
|
| |
|
| * Chat: Normal chat and email.
| |
| * Networking: HTTPS encryption
| |
|
| |
|
| [[Category:Draft]] | | [[Category:Draft]] |
