-
-
Notifications
You must be signed in to change notification settings - Fork 76
Security training: Individuals versus Random Assholes
Wiki ▸ Security culture ▸ Persona-based training matrix ▸ Security training: Individuals versus Random Assholes
| Attackers | ||||
|---|---|---|---|---|
| Random Assholes | Assholes with Resources | The State | ||
| Defenders | Individuals | Individuals vs Random Assholes | Individuals vs Assholes with Resources | Individuals vs The State |
| Organizers and Journalists | Organizers & Journalists vs Random Assholes | Organizers & Journalists vs Assholes with Resources | Organizers & Journalists vs The State | |
| Targeted Activists | Targeted Activists vs Random Assholes | Targeted Activists vs Assholes with Resources | Targeted Activists vs The State | |
There are no prerequisites. The material presented on this page is relevant to every persona and every risk level. These practices therefore represent a minimum level of best-practice and are foundational to every other risk assessment presented in this framework.
- Scrub personal data and opt-out from "Data broker/vendor" sites such as Spokeo/PeopleSearch/Pipl.com, etc.
- Don't check in to places on Facebook/Foursquare/Yelp/etc publicly
- turn off location services (GPS) on your phone when you don't need it (also saves battery!)
- Turn off location tagging for your smartphone camera
- Audit/improve your social network privacy settings
- Verify friend requests with actual friends: When you get a Friend request from someone you don't know, but have mutual friends in common, send your mutual friend a private message asking for info about who the supposed person who may have sent the friend request actually is; avoids friending malicious/fake accounts.
- turn off "auto-pay" (and use Password Manager fill-in instead)
- Remove "saved fingers" (fingerprint scans) from your smartphone's memory, i.e., use a PIN or passphrase, or if you do choose to use a fingerprint, use only one or two finger's prints. (The more fingers you add, the easier it is for someone who is not you to use their fingerprint to open your device.)
- Use a password or secrets manager (and all that that entails!)
- Use strong passwords. Most password managers will help you generate these, and the main thing is that they should be long. If it's a password you will sometimes have to type in (i.e. your password manager cannot fill it in for you on a particular machine), use a long passphrase with words, words will be easier for you to type than a bunch of random characters.
- Generate random passphrases for your "password reset questions". Don't answer such questions honestly, because basic facts like where you went to school or your spouse's name can generally be found on social networks and data brokers.
- In addition to a password/secrets manager, use an identity manager such as SQRL, when available.
The NYC chapter of the Anarcho-Tech Collective provides technological and digital infrastructure support services to anti-fascist, anti-racist, and anti-capitalist organizations in New York City. See our Activities and events page for details. Read our Welcome guides to get involved.
We appreciate your support to help us do what we do. If you have the means, please donate BitCoin to 17ByVbkM6mf7bytqWRFwzjqradBkmVh4Tr.
Found an error in these pages? Please let us know by submitting a new issue ticket.