Personal Security: Difference between revisions

From WikiWiki
Line 26: Line 26:
* Enable lockscreen with a code (or pattern, whatever), a thief/attacker/jealous girlfriend with physical access can open up and browse your phone
* Enable lockscreen with a code (or pattern, whatever), a thief/attacker/jealous girlfriend with physical access can open up and browse your phone
* Disable Wi-Fi stuff as from [[Personal_Security#Network]]
* Disable Wi-Fi stuff as from [[Personal_Security#Network]]
* Update your Android, the operating system has vulnerability just like any other
* Update your Android, the operating system has vulnerabilities just like any other
** If no android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
** If no android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
** If not, consider buying a new phone...
** If not, consider buying a new phone...
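Review bot: the unchanged sub-bullet "If not, consider buying a new phone..." has no clear antecedent; it can be read as "if updates are available" or as "if you cannot install LineageOS". Suggest spelling out the condition, for example "If that is not an option, consider buying a new phone...", and capitalizing "android" in the sub-bullet above it to match "Android" in the changed line.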
Line 34: Line 34:
* Enable lockscreen with a code! (or faceid or touchid, whatever)
* Enable lockscreen with a code! (or faceid or touchid, whatever)
* Disable Wi-Fi stuff as from [[Personal_Security#Network]]
* Disable Wi-Fi stuff as from [[Personal_Security#Network]]
* Make sure your ios is up to date, the operating system has vulnerability just like any other
* Make sure your ios is up to date, the operating system has vulnerabilities just like any other


= Software =
= Software =
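Review bot: the changed iPhone line fixes "vulnerability" but still writes "ios", while the matching Android line capitalizes the product name. Suggest "iOS" here, and "Face ID or Touch ID" in the lockscreen bullet of the same hunk, so both device sections use consistent naming.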

Revision as of 13:16, 26 August 2021

A draft article on security!

Authentication (Passwords)

  • Use a strong password: 12+ characters of printable ASCII; anything weaker is easily guessable
  • Use a unique password per service. Otherwise, the password of an important service XXX can leak because you reused it on an unimportant, used-only-once service YYY.
  • Use multi-factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
    • start with regular SMS (better than nothing)
    • if you're slightly more into tech, you can use TOTP apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
    • make a backup of your codes, make a backup of the app! Losing the app without a backup means: no access to the service
  • Use a password vault to help you remember all the different strong passwords for different services; you're only human
    • secure that password vault like hell!
    • onepass, lastpass, keepass, ...
  • Certain online services offer a backup mechanism with a 2nd mail address, make sure that one is up to date!
  • Certain online services allow apps to connect to your account, make sure to review them and revoke that access

Backups

  • When things go south: make sure you have OFFLINE backups of all your useful data
  • Take a backup of your online services! Gmail/Google exports, Hotmail exports, Facebook, Twitter, Github, ... If it's compromised it's GONE. GDPR helps here by requiring services to grant you access to your data.
  • Backup your password vault

Devices

Windows Computer

Android phone

  • Enable the lockscreen with a code (or pattern, whatever); otherwise a thief/attacker/jealous girlfriend with physical access can open up and browse your phone
  • Disable Wi-Fi stuff as described in Personal_Security#Network
  • Update your Android, the operating system has vulnerabilities just like any other
    • If no Android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
    • If that is not an option, consider buying a new phone...
  • Make sure the phone asks for the USB mode when a cable is connected -> otherwise, if the phone gets stolen and the thief/attacker plugs in a USB cable, they have access to your photos!

iPhone

  • Enable the lockscreen with a code! (or Face ID or Touch ID, whatever)
  • Disable Wi-Fi stuff as described in Personal_Security#Network
  • Make sure your iOS is up to date, the operating system has vulnerabilities just like any other

Software

  • Update your software: Windows, Firefox, Acrobat, VLC, Notepad++, ... all software eventually becomes a security threat...
    • SuMo can help
    • Update all software on all devices! Including your desktop, laptop, mobile device, tablet, webcam, Sonos, Raspberry Pi, connected oven, connected fridge, smart TV, ... Outdated software often contains well-known vulnerabilities.

Network

  • Use a strong Wi-Fi PSK (16+ characters of printable ASCII), anything below that is relatively easy to brute force
  • Use WPA2 PSK AES. WPA3 is out but not always available...
  • Don't use Wi-Fi profiles without a PSK: Wi-Fi has known vulnerabilities where an attacker can make your device connect to their fake and malicious network
  • Delete unused Wi-Fi profiles for the reason above
  • Disable everything hotspot related, you don't need that
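
One way to check saved Wi-Fi profiles against the rules above, as an added example that is not part of the original article: it assumes a Linux machine whose profiles are stored in NetworkManager's keyfile format, and the sample profiles are constructed. Flagging WEP profiles goes slightly beyond the list above, which only says to use WPA2.

```python
import configparser
import string

MIN_PSK_LEN = 16  # minimum PSK length recommended in the Network list above
PRINTABLE_ASCII = set(string.ascii_letters + string.digits + string.punctuation + " ")

# Constructed sample profiles (NetworkManager keyfile format), not real networks.
SAMPLES = {
    "home": "[connection]\ntype=wifi\n[wifi]\nssid=home\n"
            "[wifi-security]\nkey-mgmt=wpa-psk\npsk=correct horse battery staple\n",
    "cafe": "[connection]\ntype=wifi\n[wifi]\nssid=Cafe Free WiFi\n",
    "old-router": "[connection]\ntype=wifi\n[wifi]\nssid=old-router\n"
                  "[wifi-security]\nkey-mgmt=wpa-psk\npsk=summer2021\n",
    "legacy": "[connection]\ntype=wifi\n[wifi]\nssid=legacy\n"
              "[wifi-security]\nkey-mgmt=none\nwep-key0=0123456789\n",
}


def audit_profile(keyfile_text):
    """Return findings for one profile; an empty list means nothing to fix."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(keyfile_text)
    if cp.get("connection", "type", fallback="") not in ("wifi", "802-11-wireless"):
        return []  # not a Wi-Fi profile
    sec = next((s for s in ("wifi-security", "802-11-wireless-security")
                if cp.has_section(s)), None)
    if sec is None:
        return ["open network (no PSK): delete this profile"]
    key_mgmt = cp.get(sec, "key-mgmt", fallback="")
    if key_mgmt == "none":  # NetworkManager uses key-mgmt=none for static WEP
        return ["WEP, not WPA2: delete this profile"]
    findings = []
    psk = cp.get(sec, "psk", fallback=None)  # absent if stored in a keyring
    if key_mgmt in ("wpa-psk", "sae") and psk is not None:
        if len(psk) < MIN_PSK_LEN:
            findings.append(f"PSK shorter than {MIN_PSK_LEN} characters")
        if not set(psk) <= PRINTABLE_ASCII:
            findings.append("PSK contains non-printable or non-ASCII characters")
    return findings


def audit_all(profiles):
    """Map profile name -> findings, keeping only profiles with findings."""
    results = {name: audit_profile(text) for name, text in profiles.items()}
    return {name: found for name, found in results.items() if found}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLES).items():
        print(name, "->", "; ".join(findings))
```

On a real system the keyfiles normally live in /etc/NetworkManager/system-connections/ and are readable only by root, so read them with elevated rights and pass each file's text to `audit_profile`.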