For Windows before 10, I used to use EMET. It blocked a few Firefox crashes that were either non-reproducible bugs or active exploits over the years. :)
For Linux, I use the grsecurity kernel patches. (I run Debian with the dotdeb repositories for PHP 7.)
I do most of my casual Internet browsing with Tor Browser (via torbrowser-launcher) inside of a virtual machine. Once a site is trusted, I'll actually visit it in my host OS.
I use password managers. Mostly LastPass (for casual use) and KeePass (for high-security use).
I encrypt my hard drives (with a 64-character passphrase) and smartphones (with a passphrase, not a PIN).
I choose to strictly control my geographical location rights, recording rights, photo rights, etc. Because I don't want my privacy to be leaked when I don't know it when I go out, I will turn on the geographical location, but when I arrive at my destination, I will immediately turn off this function to protect my privacy. Is there anyone just like me?
Recently started using Tor/Signal/ProtonMail, 2FA.
I've physically removed the webcam, microphone, hard disk, and Bluetooth/Wi-Fi chip out of my laptop. I boot the machine with a USB Tails w/ persistent encrypted volume. I will be disabling Intel's Management Engine firmware a la hackaday.io once my Beagleboard arrives.
I've had to increase my laptop security on two different occasions two totally different ways - I'm looking forward to this thread to fill in some gaps.
~5 years ago someone got into and locked me out of several of my social media and email accounts by 1) me not logging myself out at the end of my session (on their computer), and 2) successfully guessing my security questions. This was before MFA was near-standard, so I at least implemented my own version with notifications/email. I then set MFA up as soon as it was available. I've beefed up my security questions and use LastPass as a PW manager (that never remembers me). I also only use my own laptop, or another computer I strongly trust. I also have a backup email and phone contact number.
The second time my laptop was physically stolen from my apartment. Luckily I'm confident my password was strong enough, and there was very little data stored on the machine - everything was backed up and also stored in 'the cloud.' Since then I've moved out and encrypted my HDD. I hope to get a Kensington lock soon to try and bolt down the machine if I have to leave it at home. The laptop webcam is also covered.
All the normal stuff (password manager, encryption), plus I unsubscribe from every online service that gets pwned, or is otherwise using bad security practices (like, sends forgotten passwords over email). And yes, that means I can no longer have a Tumblr, LinkedIn, or Adobe account, but these are the breaks.
I do almost nothing, and it's terrible. I should know better.
I've recently started using uBlock Origin. I used Adblock Plus before that, but that was to avoid seeing & loading ads, not to protect myself. Installing uBO was intended as a security & privacy measure.
Catch-all emails to detect and pinpoint leaks (I recommend using a suffix like "-ca" to filter out any spam from the catch-all; Google is, e.g., "google.com-ca@example.com")
U2F
In case 10 fails, 2FA using Google Auth or similar apps
Don't use SMS or DIY-2FA (looking at you Steam)
uMatrix for Malware Domains (not ads)
ABP to block almost malicious ads (enabled acceptable ads because personal reasons)
Backups
Encrypting the important stuff (I don't see the usefulness of fulldisk encryption on anything but portable devices)
Private VPN on all devices <------ !!!
(I use PIA, but really: they're all so cheap, you're crazy not to use one.)
Password Safe for storing/generating passwords (Handy and works on all devices.)
Minimum password length 12 characters
Don't do business with or give PII to unverifiable sites. Seriously, know who you're doing business with!
Whole disk encryption on my linux box (and it is built in on my work laptop)
Periodically review list of devices connected to my network, and make sure I can identify who/what they are
For streaming accounts, periodically change password and/or kick off any registered devices that I can't identify
Set PINs for online purchases when possible (e.g., Amazon)
Hushmail (I don't use this much, but I keep an active paid account just because I want to be able to send encrypted mail sometimes.)
Webcam unplugged when I'm not using it
My financial information and will, &c are on a hidden VeraCrypt volume. My wife has a poop sheet on how to find it and get into it. The volume itself is on a USB drive.
Don't install Flash (or any browser plugins), disable it if a browser comes with it preinstalled (Chrome)
Full disk encryption for all devices.
Password manager (1Password) with unique passwords for every service.
Use devices that have biometric login (e.g. fingerprint) so people don't see you typing in your password, and it's not recorded by security cameras (may sound silly but I think this will become a new attack vector in the future).
Try to point computer screens away from windows (as in the glass kind, not the OS). All it takes is a competitor renting an office opposite yours, and armed with a high powered telescopic camera.
Use an AdBlocker.
Try to get all my software from official app stores (Mac App Store)
I got an aluminum baseball bat in my room, although I think it's for softball. Two-step verification and secondary email account and phone number. Linux (Debian) my main OS. Is it weird that I don't trust password managers? I mean, I'd rather memorize the passwords, even if there are a lot. I use AdBlock, but I'm guilty of whitelisting some of my favorite content creators.
Two tier network at home: DMZ for consumer stuff, "critical" for work. iPhone over Android. Moving to YubiKey for auth and code signing. Make sure that second-hand cars we buy don't come with Adobe Flash.
Still vulnerable to leakage of personal data from many sites, and wilful actions of installed phone apps like airline check-in ones. Run 1+ of: Maven, apt-get or brew every single day on that critical development laptop.
If I consider where I am most vulnerable, it is in that automated download and execution of developer tools and application libraries. To put it another way: the code I've written over the years runs on thousands of developer boxes every day. These people are relying not just on my competence, but my goodwill and the quality and detail of the peer review process in those OSS projects.
I don't talk to anyone. Does that count? :P
What do you store in Keepass that falls under high security use? Why not just use KP for everything?
Maybe he just prefers the UI of LastPass over KeePass, and is willing to compromise on some security for usability?
Precisely.
One of the biggest measures is not exposing it online like that :)
To take it even one step further: even if I'm not exposing anything, should I write a comment on questions like this at all?!
Some sort of Privacy Paranoia! :D
Sorry to answer with a question, but how does encrypting your hard drive affect your software development environment, VMs etc.? Does it make things slower?
AFAIK it has no effect on read speed, and very slightly slows down write speed, but not noticeably.
What's a poop sheet?
Video: youtu.be/tcRjG1CCrPs
Use different passwords for each service
Keep software up-to-date
Only use a single card for online purchases, hidden behind PayPal
Use Single Sign On (SSO) for a secondary social media account, rather than my primary email address
Do not use public computers for access
Encrypt hard drives
Do not put anything online that I do not want there
Notifications on accounts so that I know what is going on with my account at all times
2 factor authentication where possible
Private Internet Access! DUDURU DUUUU
Body Guard.... Just kidding I'm not the queen.
I don't know most of my passwords. Password manager to keep, and autogen.
Keep updated software. Ad Block. NO FACEBOOK GAMES!
I use a password manager, I think my phone's encrypted.
Taped webcam, encrypted hard drive on my notebook.
LibreCrypt
Riot and Wire instead of WhatsApp
choco install unchecky
I love dev.to