Internet is huge, processed 1 zettabyte (insanely huge).
Your data is being siphoned up, but NSA may not be watching you.
James Mickens "This World Of Ours"
- Privacy Badger
- encrypting and anonymize internet traffic
- Tor browser
- theamnesicincognitolivesystem (tails)
- HTTPS everywhere
- VPN (theoneprivacysite.net/vpn-section/)
Text messages are sent in clear text! So SMS is bad news.
- Enable multifactor authentication (google authenticator, yubikey)
MFA is 'something you know', 'something you have', or 'something you are'
- Use strong passwords. Unique pass for each account/service
- Use password managers
'burp' is an HTTP intercepting proxy. It can brute force your stupid password very easily.
Check out Bruce Schneier's 'Choosing Secure Passwords'
- Minimum 12 characters
- Mixture of letters numbers and symbols, upper and lowercase
- No common patterns or personally-identifiable information
Just USE A PASSWORD MANAGER. Remember ONE password. OnePass/LastPass.
- Sync passwords ONLY OVER A SECURE NETWORK. Not public Wifi.
- Stay out of the cloud. Don't put them in the cloud...
- Encrypt your backup
Always Log Out. Don't leave yourself logged in. Because of Cross-Site Request Forgery Attack (CSRF).
- Don't sign up with real data for stupid sites.
- Just lie about your credentials.
- Use throwaway emails: Mailinator, MailDrop
- haveibeenpwned.com <-- check it to see if you've been on a site that's been hacked
Text messages aren't secure. If your iMessage is blue, it's encrypted. If it isn't, it's not. Use Signal or Chatsecure otherwise.
It's all about encryption. ProtonMail is secure. Use a PGP plugin. GPGSuite for Mac. Social Media PGP support.
- Use off-the-record encryption (OTR)
- Anonymous chat clients if you're really paranoid: Ricochet OTR is available on GChat.
Justin Engler's – 'Secure Messaging for Normal People'
- Disable locations and all diagnostic feedback
- PleaseRobMe.com used to tell people when their house could be robbed based on social media checkins. WHAT?!!!!
- Don't advertise your location.
- Disable geotagging on photos and media uploads.
- USB condoms
MeAndMyShadow – Increase Your Privacy <--- good How To's
EFF has good travel information.
- Know your rights
- Don't take secrets with you
- Use passwords not fingerprints (your fingerprints are considered public data)
- Use full disk encryption
- Create travel profiles/accounts
- Use burners (laptops/phones)
- Power down
All Macs have FileVault built in. Use it!
Moral of the story: Yes the NSA is watching you, but not they aren't targeting you. Privacy still matters.
- OWASP