Home Events! Entrance Everyone Wiki Search Login Register

Welcome, Guest. Please login or register. - Thinking of joining the forum??
November 23, 2024 - @923.90 (what is this?)
Forum activity rating: Three Stars Posts: 33/1k.beats Unread Topics | Unread Replies | My Stuff | Random Topic | Recent Posts    Start New Topic
News: :skull: Websites are like whispers in the night  :skull:

+  MelonLand Forum
|-+  World Wild Web
| |-+  ☞ ∙ Life on the Web
| | |-+  ⛽︎ ∙ Technology & Archiving
| | | |-+  Extra Security Measures


« previous next »
Pages: [1] Print
Author Topic: Extra Security Measures  (Read 891 times)
SilkSkull
Hero Member ⚓︎
*****


⛺︎ My Room
SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« on: September 20, 2023 @111.10 »

Besides the usual passwords and 2FA, what are the extra security measures you take when online or even just with your offline data/hardware?

Personally I am a little bit nuts when it comes to security, this is my current list of software and techniques:

  • First I use KeePassXC to use a different password for everything and generate secure and long passwords
  • Of course with a program to remember passwords for me I've done away with my fingerprints everywhere except opening my phone (Just for speed's sake
  • When file or text encryption is needed I use Gpg4Win for generating and using PGP keys, as well as verifying messages and downloads
  • I'm currently in the process of setting up a hardware key for my main PC as well as a backup incase I manage to lose the hardware key

That's my list (At least until I add or remember more :P)
Logged

She/Her
"Will you stop adding lampposts to my games?"

shevek
Sr. Member ⚓︎
****


˚₊⁀꒷₊˚︰₊︶꒦꒷₊⊹︰꒷

⛺︎ My Room
iMood: daintyeco

View Profile WWW

Thanks for being rad!First 1000 Members!Joined 2023!
« Reply #1 on: September 20, 2023 @293.60 »

I use separate email addresses for separate purposes or sites :smile:
Logged

Odo was just an idea. Shevek is the proof.
BlazingCobaltX
Full Member ⚓︎
***


⛺︎ My Room
StatusCafe: blazingcobaltx

View Profile WWW

Suck At Something September - Did It!First 1000 Members!Joined 2023!
« Reply #2 on: September 20, 2023 @348.76 »

I've recently adapted the 3-2-1 rule for our family back-ups: Three external hard drives, two different types of media, one copy off-site. Though I realise I may have missed the 2 different types of media step...
Logged

Memory
Guest
« Reply #3 on: September 20, 2023 @702.99 »

I use Bitwarden for passwords, and I pay for their premium plan (which is actually quite cheap) because it gives me neat security reports that are pretty useful! I also try to use 2FA whenever possible, although it's a pain in the ass to be honest and it's gotten me locked out of accounts before that I'm still trying to get back into.
Logged
SilkSkull
Hero Member ⚓︎
*****


⛺︎ My Room
SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #4 on: September 20, 2023 @717.15 »

I've recently adapted the 3-2-1 rule for our family back-ups: Three external hard drives, two different types of media, one copy off-site. Though I realise I may have missed the 2 different types of media step...

That is a good idea but it can be very easy to lose track of steps xD

I use separate email addresses for separate purposes or sites :smile:

That's something I gotta get around to doing, especially since I already use about 6 emails  :tongue:

I use Bitwarden for passwords, and I pay for their premium plan (which is actually quite cheap) because it gives me neat security reports that are pretty useful! I also try to use 2FA whenever possible, although it's a pain in the ass to be honest and it's gotten me locked out of accounts before that I'm still trying to get back into.

I might give bitwarden a try, I have been meaning to for quite some time now. Also a good app for making 2FA easier and more secure is FreeOTP+
Logged

She/Her
"Will you stop adding lampposts to my games?"

Memory
Guest
« Reply #5 on: September 20, 2023 @756.06 »

[removed by author]
« Last Edit: July 31, 2024 @626.68 by j » Logged
SilkSkull
Hero Member ⚓︎
*****


⛺︎ My Room
SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #6 on: September 20, 2023 @771.22 »

this doesn't have to be a huge hassle! a lot of domain providers also offer customers the option to set up full-blown mailboxes as well as forwarding email address. some will let you edit the DNS records for your domain, too.

this means that you don't have to setup an individual inbox for each service or site you use; you can create one central inbox, then have a bunch of addresses for different sites that forward to your one inbox.
for instance: i use melonland@sbcv.co.uk for emails from melonland, but that forwards to some other vague inbox that i'm not going to list here, meaning that i only have to login to one inbox for everything!

---

aside from that, here's some of the security / privacy steps i take:

- do everything on paper.
  this is true for everything from writing fiction to writing code.
  i write stuff on paper, then if i want to translate things to digital format, i can.
  it gives me the space to think about whether making something digital is /really/ a good idea,
  because digital media is often recoverable, even if you're offline.
  a lot - if not all - CPUs are proprietary, so i can never know if some commands are running in the
  background to discreetly connect to the internet and work some spyware.
  similarly, erasing data from anything digital is notoriously difficult.
  you can delete stuff, sure, but data can remain on a hard drive after erasure.
  it would take writing block zeros to a disk to fully wipe a disk (afaik), which can take days depending
  on the size of the device.
  similarly, RAM can be processed (so data you have in your applications, like the text in my browser
  as i'm writing this) in a similar way, via a cold boot attack.

  where i can, i hand-deliver letters instead of emails, talk to people away from devices and
  entertain myself without computerized technology.
- i don't use a vpn.
  loads of arguments for and against vpns that i won't peddle.
  my threat model doesn't need one; there's no guarantee (even if you're relying on auditing which is
  just fancy word-of-mouth!) that the data you send to a VPN server isn't being logged somewhere and
  used.
  the /only/ guarantee of a working VPN in my opinion is one you self-host, which is pretty useless
  unless you have a lot of friends that connect to it, otherwise you're just shifting your requests
  from one device to another.
  even if you adopted this approach: how can your friends trust you?!
- my operating system boots entirely into ram!
  everything is kept on a usb which i boot off of.
  then, all the package files and dependencies are kept on a separate usb stick so i can install them
  on-demand in my terminal.
  this makes booting my computer /insanely/ fast; prevents disks from dying quickly and keeps me safe
  (there's no hard-drive i need to write zeros to!)
  as for digital files... i write them on paper / print them when i can!
- i avoid encryption.
  i would /love/ a world where asymmetric encryption was the default for the messages we send.
  unfortunately, i believe that encryption is counter-intuitive to my threat model.
  some third party spying on me is going to be less suspicious of me if i blend in as an average internet
  user (which is why i try to stay away from the net!) than if i were to encrypt things.

anyway, that's very much in alignment with /my/ threat model. if security is your biggest concern: go off of the devices you use!

I'm surprised it took this many posts to mention threat models, this can create very different security needs and I'm glad to hear a different type of security because of your threat model. I also love and need to look into the idea of using multiple emails and using forwarding!
Logged

She/Her
"Will you stop adding lampposts to my games?"

ThunderPerfectWitchcraft
Sr. Member ⚓︎
****


Here be dragons

⛺︎ My Room

View Profile WWW

Thanks for being rad!First 1000 Members!Joined 2023!
« Reply #7 on: September 20, 2023 @898.41 »

-Using nearly exclusively Open Source Software
-Updating regularly
-Full disk encryption
-Using an adblocker/NoScript
-Using long, complicated passwords.
Logged

Melooon
Hero Member ⚓︎
*****


So many stars!

⛺︎ My Room
SpaceHey: Friend Me!
StatusCafe: melon
iMood: Melonking
Itch.io: My Games

View Profile WWW

Thanks for being rad!a puppy for your travelsAlways My PalFirst 1000 Members!spring 2023!Squirtle!!!!MIDI WarriorMIDI Warrior1234 Posts!OzspeckCool Dude AwardRising Star of the Web AwardMessage BuddyPocket Icelogist!OG! Joined 2021!...
« Reply #8 on: September 20, 2023 @905.91 »

Occasionally people will send me obscure zip files; I do sometimes take some extra precautions when opening such zips!

I download them in an isolated virtual machine running linux; and sometimes I will run ClamAV on them to check that nothing is amiss.

So far they have all turned out to be very nice collections of textures and gifs to add to my sites :ha:
Logged


everything lost will be recovered, when you drift into the arms of the undiscovered
Cobra!
Hero Member ⚓︎
*****


’S fhearr Albais bhriste na Albais sa chiste

⛺︎ My Room
StatusCafe: cobradile
iMood: Cobradile
Matrix: Chat!
XMPP: Chat!
Itch.io: My Games

View Profile WWW

Happy Birthday 2k24 !bred :3First 1000 Members!Pocket Icelogist!OG! Joined 2021!
« Reply #9 on: September 21, 2023 @85.79 »

I use Librewolf as my browser, which is a fork of Firefox that removes the sneaky telemetry it has.

I use Mullvad VPN, which can’t identify you because your account is literally just a number. No email addresses or any personal information is stored as far as I know! It’s also good enough to fool pretty much everything that tries to tell you where you are, so that’s neat!

I also use add-ons like Chameleon to spoof my profile that gets sent to websites.

I should look into getting a physical address book so I can store any numbers that way instead of storing my contacts on an Android.
Logged




“Snooping as usual, I see?”
SilkSkull
Hero Member ⚓︎
*****


⛺︎ My Room
SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #10 on: September 21, 2023 @193.46 »

-Using nearly exclusively Open Source Software
-Updating regularly
-Full disk encryption
-Using an adblocker/NoScript
-Using long, complicated passwords.


These are really good tips especially for people not wanting to have to go down the route of a lot of extra software!

Occasionally people will send me obscure zip files; I do sometimes take some extra precautions when opening such zips!

I download them in an isolated virtual machine running linux; and sometimes I will run ClamAV on them to check that nothing is amiss.

So far they have all turned out to be very nice collections of textures and gifs to add to my sites :ha:

That is a really good idea for any potentially weird file, it's also so weird to me to imagine receiving random zip files of gifs xD

I use Librewolf as my browser, which is a fork of Firefox that removes the sneaky telemetry it has.

I use Mullvad VPN, which can’t identify you because your account is literally just a number. No email addresses or any personal information is stored as far as I know! It’s also good enough to fool pretty much everything that tries to tell you where you are, so that’s neat!

I also use add-ons like Chameleon to spoof my profile that gets sent to websites.

I should look into getting a physical address book so I can store any numbers that way instead of storing my contacts on an Android.

I gotta try that add on! I also recommend checking your local drug store or pharmacy for address books!
Logged

She/Her
"Will you stop adding lampposts to my games?"

Pages: [1] Print 
« previous next »
 

Vaguely similar topics! (3)

Anti-Piracy measures in games

Started by Cobra!Board ♖ ∙ Video Games

Replies: 4
Views: 1071
Last post August 15, 2022 @685.54
by TheFrugalGamer
how to extract artist name metadata from mp4 stream?

Started by candycanearter07Board ☔︎ ∙ I need Help!

Replies: 4
Views: 249
Last post August 12, 2024 @958.76
by candycanearter07
Old hard drive exploration extravaganza (now what?)

Started by Succy BeverageBoard ⛽︎ ∙ Technology & Archiving

Replies: 2
Views: 571
Last post April 17, 2024 @933.69
by Succy Beverage

Melonking.Net © Always and ever was! SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies Forum Guide | Rules | RSS | WAP | Mobile


MelonLand Badges and Other Melon Sites!

MelonLand Project! Visit the MelonLand Forum! Support the Forum
Visit Melonking.Net! Visit the Gif Gallery! Pixel Sea TamaNOTchi