SECURITY / PRIVACY IS BASIC DIGNITY (ALL PUBLIC)
💡 CHECK BACK: UPDATED SECURITY / PRIVACY PRIORITY GUIDE
🔖 BOOKMARK THIS: STAY UP TO DATE
If you learn something here, consider supporting this to help it continue in the future. Multiple options listed on frontpage, including coreboot laptop, coffee donation, monthly membership with early access.
Without ability to selectively reveal ourselves to the world, we lose all ability to effectively create positive change in a world of increasing centralization.
🎉 Happy Data 🔐 Privacy Day
Things to prioritize. Our right to privacy doesn't have to be complicated.
The right balance to protect personal data / identifiers need not take months of configuration.
All comes down to healthy habits and automating system services / apps (where applicable).
💡 Each Change Makes A Difference
📺 VIDEO
Earlier post on Mastodon (Fosstodon) covered a few simple / key points to enhance privacy / data.
Below image, I've organized our most important tutorials thus far.
More tutorials in the works, may make dedicated page on Gitea Onion.
I cover all of these topics (and more) on public posts, right here on the blog. See all posts, select by category, search by title.
⭐ = CHECK OUT: GUIDES / RECOMMENDED TUTORIALS:
Recommended Operating Systems
⭐ Tails USB and / or Whonix (over Qubes): Privacy Benefits
⭐ Tails Encrypted Persistence Installation
⭐ Video: Upgrading Tails USB (required at times)
⭐ Video: Qubes Installation, Follow Along
⭐ Video: Qubes Tablet Touchscreen (making it work)
⭐ Kicksecure: Convert Debian To Kicksecure & Install Whonix
⭐ Prestium: Tails Inspired I2P Operating System
The balance here is choosing the right OS, for any given situation / threat model.
As a Journalist, Lawyer, or Activist, choices make all the difference (when it matters).
What's nice about having the above (Tails Live / Whonix / Prestium): it saves you loads of work. Why spend months if not years refining the perfect "private" system, when most of this work could be done for you (when you need it most)?
Even so, worthwhile to pursue Tutorials below, for education / for your daily driver:
📡 Radio Privacy (What Are You 🛰️ Sharing 📶 With 🌍 ?)
Laptop Speakers Acting As Remote RF Microphone (SDR Demo)
KISMET: find hidden devices (WiFi: Part I)
KISMET: admin from any smartphone / SBC
KISMET: Track Planes / Smart Meters (Part II: Discover Radio Devices Around Us)
📡 RADIO TIPS
Turn Off [Radio] Based Modules When Not In Use: wipri (for Linux desktop / phone users) solves many problems here & avoids sharing permanent mac address (wipri offers options on all)
Turning Off Bluetooth: rfkill block bluetooth
Use Radio Disinfo Like Wipri For WiFi / BLE / Hostname (extensive custom concept randomization options / protection)
📁 DOWNLOAD WIPRI (🧅 🔐 TOR BROWSER LINK)
WIPRI SCREENSHOT:
⭐ TIP: Wipri (Tor Browser link) has line to disable BLE during wipri start you can uncomment to enable
Many other options in wipri: see this, this (-w turns off wifi radio automatically for you), and this.
⭐ Why You Should Be Spoofing MAC / Using -w On Wipri (mactrack demo)
🧅 🔐 Use Tor (Where Possible)
⭐ Do I Need A VPN? Who Can I Trust? (things to consider)
⭐ Tor Clearnet vs VPN vs Tor Hidden Service
⭐ What Is A Tor Bridge? Should I Use A Bridge?
⭐ Contribute: Become A Tor Snowflake Bridge (Automated Installer)
⭐ UPDATE: Automated Installer Now With "upgrade" Snowflake
⭐ HOWTO: Use Tor Browser More Safely
🧄 🔐 Use I2P
✴️ RECOMMENDED: I2P-desktop ⬅️ use Tor Browser (installer creates shortcut on desktop / button on Linux phones + custom I2P browser profile: starts i2prouter for you on browser open, closes it on browser exit)
⭐ Get Started With I2P+ Today
⭐ Anonymous Clearnet On I2P+ (http outproxy)
⭐ Pinephone / Pinetab I2P Talk / Tips (goes for all devices)
⭐ Create I2P Desktop Browser Button (Video: all in one automated shortcut)
⭐ Tutorial: Setup Automated I2P Browser Button (shown on Pinephone - for all Linux devices)
⭐ I2P Tour: Sites You Need (anonymous Google / Youtube / Twitter / search engines)
⭐ I2PD Remote Browsing: setup i2pd-remote desktop shortcut to browse with remote SBC i2pd
(click the desktop shortcut & use remote i2pd anytime)
⭐ I2Psnark: Anonymous BitTorrent
⭐ I2P Amnesiac Operating System: Prestium
⭐ I2P On Android (covers an idk recommendation in 1min)
⭐ I2P: AVOID LEAKS (DNS example: important)
✴️ RECOMMENDED: Thunderbird + PGP Tutorial & I2Pmail ([email protected] & [email protected])
🔐 Use Frontends Where Possible (especially "Big Tech")
⭐ Search Google Anonymously
⭐ Customize Tor Browser With Privacy-Redirect (Automates frontend redirection) Tutorial
⭐ Tor Hidden Service Frontend Proxy Lists
⭐ Search Twitter / Youtube / Streetmaps Anonymously
🔐 Use 🔑 Encryption Where Possible
⭐ Communicate: Learn PGP (quickly) + Encrypting TXT / Check Signed img
⭐ PGP / GPG: Written Guide On Checking Signed Linux .img / .iso (screenshots included)
⭐ PGP / GPG: Transfer Keys Securely / Encrypt Files
⭐ Communicate: End to end encryption with torification / sandboxing
⭐ Communicate: Thunderbird Onionmail + PGP Encryption Part I
⭐ Communicate: Thunderbird Onionmail + PGP Encryption Part II
⭐ Communicate: Thunderbird Onionmail + PGP Encryption Part III
⭐ Communicate: Thunderbird Settings For Optimal Privacy / Security
⭐ PART II VIDEO: Thunderbird + PGP Tutorial & I2Pmail ([email protected] & [email protected])
⭐ Make Encrypted Volumes Hidden Inside Video File With Zulu-Crypt
⭐ crypto_homes (automated hardware key + removable encrypted $HOME disk creation project)
⭐ Privatebin: "Zero Knowledge" AES 256bit Encrypted Pastebin
⭐ Checksums: Maintain System Integrity
⭐ Checksums: Filesystem / App Integrity (find malicious file changes On Debian Based)
⭐ Checksums: Find Malicious File Changes (Arch Based Commands / Tips)
⭐ Checksums: Using Multiple Sources To Verify
⭐ iPhone Users: Enable End-To-End iCloud
⭐ Malicious HTTPS (Cert Auth Abuse / Mind Fingerprints)
⭐ Modified Elephant Story: Encryption Is Important (Journalists / Activists Framed Story)
🆔 Metadata (added Jan 31, 2023)
⭐ Introduction To Metadata (unique identification outside content)
⭐ Inject Disinfo Metadata Inside Files / Spoof Location In Pictures
🔒 🔑 SSH
⭐ SSH Part I: Weak Passwords Demo / Restricting Brute Force Attacks
⭐ SSH Part II: Don't Become Victim Of MiTM (Checking Fingerprints / Setting Key Authentication)
Watch Out For Backdoors / Malicious Hardware / Files
⭐ Backdoors Discovered In Hardware (important lessons from history)
⭐ Intel MGMT Engine / AMT Intro
⭐ Learn rkhunter: Detect Backdoors On Linux / BSD
⭐ UEFI / BIOS Can Come Backdoored (careful where you source hardware)
(malicious files are #1 way attackers compromise major networks)
🔐 Compartmentalize / 🔥🧱 Firewall
⭐ Firejail: Get Started With Sandboxing On Linux
⭐ Firejail Privacy Specific Tips / Demo
⭐ Opensnitch: Detect Processes Connecting / Block / Firewall
⭐ Opensnitch: Applications "Calling Home" + Faraday Bag
⭐ Isolate / Thwart Malicious App Activity Collection
⭐ Simple Compartmentalization Tips (Linux)
🔐 Harden / Security Enhancements
⭐ Sysctl: Changing Kernel Parameters (Systemd)
⭐ Audit / Harden Your System With Lynis
"Privacy / anonymity (when desired), the only Human Right capable of protecting all other rights. Without privacy, no Human Right is safe." -RTP
✅ THANKS FOR FOLLOWING THIS BLOG
THANK YOU.
Thanks to those have (ever) showed any form of support for projects here. Whether you shared a link, left a comment, like. It always makes a difference.
Or recommended blog to friends. All gestures greatly appreciated.
If something here ever helped you, consider sharing a video / post with others / social media. And / or, if you feel up to it, you can always offer a ☕ coffee.
☕ SUPPORT THIS
CASHAPP: $HumanRightsTech
BLOG MEMBERSHIP (extra posts / tips / early access / discounts & more)
XMR:48qtspi5En44mJZLeiMoHYFEmuJfQYb5DLQxLDr7d1NXc53XaAvoT8PS3wBrhEc3VY1wxu5Rgw6oKBYgahpSAYnpHntbQNM
💻 coreboot laptop: supports public interest work here, refurbished intel mgmt engine neutered laptop (security / privacy related options available)
FOLLOW ON SOCIAL MEDIA
🎥 VIDEO CHANNELS / MIRRORS:
Youtube Odysee Bitchute Peertube
FEEDBACK / CONTACT
If you have feedback, comments, or suggestions... love to hear from you.
EMAIL: righttoprivacy[at]tutanota.com / righttoprivacy[at]i2pmail.org
Let me know if you have any thoughts / questions.