A Quick word or two on OPSEC
- You are only as secure as you make yourself
- You are probably less secure than you think
shredis a decent way to treat sensitive files before they are deleted. Why don't you know this?
- If you have passwords on YOUR local private machine, in plain text, why?
- GPG is not hard to use, just an extra step.
- You can put secrets anywhere in plain view, as long as they are sufficiently encrypted. (sufficient is always relative to "technology now" and "technology soon")
- Treat your clipboard, homefolder, configs etc as already compromised spaces, don't keep secrets on them, you may as well have a post it stuck to your fridge, with your bank login.
- 2FA is hard to circumvent... HARD, not impossible.
- Clipboard managers, have clear history, ... do that, but also
shredthe backing store if you leak to the clipboard.
- No email is not encypted, despite what that "expert on YouTube" said
- Air gaps aren't secure.
- SCIFs aren't secure, but they're more secure than you'll ever be.
- Humans are leaky.
Night night, sleep tight.