Home Entrance Everyone Wiki Search Login Register

Welcome, Guest. Please login or register. - Thinking of joining the forum??
May 28, 2024 - @802.35 (what is this?)
Forum activity rating: Two Star Posts: 17/1k.beats Unread Topics | Unread Replies | Own Posts | Own Topics | Random Topic | Recent Posts
News: :transport: :transport: More is More :transport: :transport:

+  MelonLand Forum
|-+  Interests Zone
| |-+  ⛽︎ ∙ Technology & Archiving
| | |-+  Extra Security Measures


« previous next »
Pages: [1] Print
Author Topic: Extra Security Measures  (Read 625 times)
SilkSkull
Hero Member ⚓︎
*****


SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« on: September 20, 2023 @111.10 »

Besides the usual passwords and 2FA, what are the extra security measures you take when online or even just with your offline data/hardware?

Personally I am a little bit nuts when it comes to security, this is my current list of software and techniques:

  • First I use KeePassXC to use a different password for everything and generate secure and long passwords
  • Of course with a program to remember passwords for me I've done away with my fingerprints everywhere except opening my phone (Just for speed's sake
  • When file or text encryption is needed I use Gpg4Win for generating and using PGP keys, as well as verifying messages and downloads
  • I'm currently in the process of setting up a hardware key for my main PC as well as a backup incase I manage to lose the hardware key

That's my list (At least until I add or remember more :P)
Logged

She/Her
"Will you stop adding lampposts to my games?"

shevek
Sr. Member ⚓︎
****


˚₊⁀꒷₊˚︰₊︶꒦꒷₊⊹︰꒷

iMood: daintyeco

View Profile WWW

First 1000 Members!Joined 2023!
« Reply #1 on: September 20, 2023 @293.60 »

I use separate email addresses for separate purposes or sites :smile:
Logged

Odo was just an idea. Shevek is the proof.
BlazingCobaltX
Full Member ⚓︎
***


StatusCafe: blazingcobaltx

View Profile WWW

First 1000 Members!Joined 2023!
« Reply #2 on: September 20, 2023 @348.76 »

I've recently adapted the 3-2-1 rule for our family back-ups: Three external hard drives, two different types of media, one copy off-site. Though I realise I may have missed the 2 different types of media step...
Logged
Memory
Guest
« Reply #3 on: September 20, 2023 @702.99 »

I use Bitwarden for passwords, and I pay for their premium plan (which is actually quite cheap) because it gives me neat security reports that are pretty useful! I also try to use 2FA whenever possible, although it's a pain in the ass to be honest and it's gotten me locked out of accounts before that I'm still trying to get back into.
Logged
SilkSkull
Hero Member ⚓︎
*****


SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #4 on: September 20, 2023 @717.15 »

I've recently adapted the 3-2-1 rule for our family back-ups: Three external hard drives, two different types of media, one copy off-site. Though I realise I may have missed the 2 different types of media step...

That is a good idea but it can be very easy to lose track of steps xD

I use separate email addresses for separate purposes or sites :smile:

That's something I gotta get around to doing, especially since I already use about 6 emails  :tongue:

I use Bitwarden for passwords, and I pay for their premium plan (which is actually quite cheap) because it gives me neat security reports that are pretty useful! I also try to use 2FA whenever possible, although it's a pain in the ass to be honest and it's gotten me locked out of accounts before that I'm still trying to get back into.

I might give bitwarden a try, I have been meaning to for quite some time now. Also a good app for making 2FA easier and more secure is FreeOTP+
Logged

She/Her
"Will you stop adding lampposts to my games?"

j
Full Member ⚓︎
***


bleh bleh *gargle gargle*


View Profile WWW

First 1000 Members!Joined 2023!
« Reply #5 on: September 20, 2023 @756.06 »

Quote from: shevek on Today at 08:02:47 am

    I use separate email addresses for separate purposes or sites :smile:


That's something I gotta get around to doing, especially since I already use about 6 emails  :tongue:

this doesn't have to be a huge hassle! a lot of domain providers also offer customers the option to set up full-blown mailboxes as well as forwarding email address. some will let you edit the DNS records for your domain, too.

this means that you don't have to setup an individual inbox for each service or site you use; you can create one central inbox, then have a bunch of addresses for different sites that forward to your one inbox.
for instance: i use melonland@sbcv.co.uk for emails from melonland, but that forwards to some other vague inbox that i'm not going to list here, meaning that i only have to login to one inbox for everything!

---

aside from that, here's some of the security / privacy steps i take:

- do everything on paper.
  this is true for everything from writing fiction to writing code.
  i write stuff on paper, then if i want to translate things to digital format, i can.
  it gives me the space to think about whether making something digital is /really/ a good idea,
  because digital media is often recoverable, even if you're offline.
  a lot - if not all - CPUs are proprietary, so i can never know if some commands are running in the
  background to discreetly connect to the internet and work some spyware.
  similarly, erasing data from anything digital is notoriously difficult.
  you can delete stuff, sure, but data can remain on a hard drive after erasure.
  it would take writing block zeros to a disk to fully wipe a disk (afaik), which can take days depending
  on the size of the device.
  similarly, RAM can be processed (so data you have in your applications, like the text in my browser
  as i'm writing this) in a similar way, via a cold boot attack.

  where i can, i hand-deliver letters instead of emails, talk to people away from devices and
  entertain myself without computerized technology.
- i don't use a vpn.
  loads of arguments for and against vpns that i won't peddle.
  my threat model doesn't need one; there's no guarantee (even if you're relying on auditing which is
  just fancy word-of-mouth!) that the data you send to a VPN server isn't being logged somewhere and
  used.
  the /only/ guarantee of a working VPN in my opinion is one you self-host, which is pretty useless
  unless you have a lot of friends that connect to it, otherwise you're just shifting your requests
  from one device to another.
  even if you adopted this approach: how can your friends trust you?!
- my operating system boots entirely into ram!
  everything is kept on a usb which i boot off of.
  then, all the package files and dependencies are kept on a separate usb stick so i can install them
  on-demand in my terminal.
  this makes booting my computer /insanely/ fast; prevents disks from dying quickly and keeps me safe
  (there's no hard-drive i need to write zeros to!)
  as for digital files... i write them on paper / print them when i can!
- i avoid encryption.
  i would /love/ a world where asymmetric encryption was the default for the messages we send.
  unfortunately, i believe that encryption is counter-intuitive to my threat model.
  some third party spying on me is going to be less suspicious of me if i blend in as an average internet
  user (which is why i try to stay away from the net!) than if i were to encrypt things.

anyway, that's very much in alignment with /my/ threat model. if security is your biggest concern: go off of the devices you use!
Logged

i go by j, she/they :)
SilkSkull
Hero Member ⚓︎
*****


SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #6 on: September 20, 2023 @771.22 »

this doesn't have to be a huge hassle! a lot of domain providers also offer customers the option to set up full-blown mailboxes as well as forwarding email address. some will let you edit the DNS records for your domain, too.

this means that you don't have to setup an individual inbox for each service or site you use; you can create one central inbox, then have a bunch of addresses for different sites that forward to your one inbox.
for instance: i use melonland@sbcv.co.uk for emails from melonland, but that forwards to some other vague inbox that i'm not going to list here, meaning that i only have to login to one inbox for everything!

---

aside from that, here's some of the security / privacy steps i take:

- do everything on paper.
  this is true for everything from writing fiction to writing code.
  i write stuff on paper, then if i want to translate things to digital format, i can.
  it gives me the space to think about whether making something digital is /really/ a good idea,
  because digital media is often recoverable, even if you're offline.
  a lot - if not all - CPUs are proprietary, so i can never know if some commands are running in the
  background to discreetly connect to the internet and work some spyware.
  similarly, erasing data from anything digital is notoriously difficult.
  you can delete stuff, sure, but data can remain on a hard drive after erasure.
  it would take writing block zeros to a disk to fully wipe a disk (afaik), which can take days depending
  on the size of the device.
  similarly, RAM can be processed (so data you have in your applications, like the text in my browser
  as i'm writing this) in a similar way, via a cold boot attack.

  where i can, i hand-deliver letters instead of emails, talk to people away from devices and
  entertain myself without computerized technology.
- i don't use a vpn.
  loads of arguments for and against vpns that i won't peddle.
  my threat model doesn't need one; there's no guarantee (even if you're relying on auditing which is
  just fancy word-of-mouth!) that the data you send to a VPN server isn't being logged somewhere and
  used.
  the /only/ guarantee of a working VPN in my opinion is one you self-host, which is pretty useless
  unless you have a lot of friends that connect to it, otherwise you're just shifting your requests
  from one device to another.
  even if you adopted this approach: how can your friends trust you?!
- my operating system boots entirely into ram!
  everything is kept on a usb which i boot off of.
  then, all the package files and dependencies are kept on a separate usb stick so i can install them
  on-demand in my terminal.
  this makes booting my computer /insanely/ fast; prevents disks from dying quickly and keeps me safe
  (there's no hard-drive i need to write zeros to!)
  as for digital files... i write them on paper / print them when i can!
- i avoid encryption.
  i would /love/ a world where asymmetric encryption was the default for the messages we send.
  unfortunately, i believe that encryption is counter-intuitive to my threat model.
  some third party spying on me is going to be less suspicious of me if i blend in as an average internet
  user (which is why i try to stay away from the net!) than if i were to encrypt things.

anyway, that's very much in alignment with /my/ threat model. if security is your biggest concern: go off of the devices you use!

I'm surprised it took this many posts to mention threat models, this can create very different security needs and I'm glad to hear a different type of security because of your threat model. I also love and need to look into the idea of using multiple emails and using forwarding!
Logged

She/Her
"Will you stop adding lampposts to my games?"

ThunderPerfectWitchcraft
Sr. Member ⚓︎
****


Here be dragons


View Profile WWW

First 1000 Members!Joined 2023!
« Reply #7 on: September 20, 2023 @898.41 »

-Using nearly exclusively Open Source Software
-Updating regularly
-Full disk encryption
-Using an adblocker/NoScript
-Using long, complicated passwords.
Logged

Melooon
Hero Member ⚓︎
*****


So many stars!

SpaceHey: Friend Me!
StatusCafe: melon
iMood: Melonking
Itch.io: My Games

View Profile WWW

a puppy for your travelsAlways My PalFirst 1000 Members!spring 2023!Squirtle!!!!MIDI WarriorMIDI Warrior1234 Posts!OzspeckCool Dude AwardRising Star of the Web AwardMessage BuddyPocket Icelogist!OG! Joined 2021!The Smallest Ozwomp Known To Man...
« Reply #8 on: September 20, 2023 @905.91 »

Occasionally people will send me obscure zip files; I do sometimes take some extra precautions when opening such zips!

I download them in an isolated virtual machine running linux; and sometimes I will run ClamAV on them to check that nothing is amiss.

So far they have all turned out to be very nice collections of textures and gifs to add to my sites :ha:
Logged


everything lost will be recovered, when you drift into the arms of the undiscovered
Cobra!
Hero Member ⚓︎
*****


’S fhearr Albais bhriste na Albais sa chiste

StatusCafe: cobradile
iMood: Cobradile
Matrix: Chat!
XMPP: Chat!
Itch.io: My Games

View Profile WWW

bred :3First 1000 Members!Pocket Icelogist!OG! Joined 2021!
« Reply #9 on: September 21, 2023 @85.79 »

I use Librewolf as my browser, which is a fork of Firefox that removes the sneaky telemetry it has.

I use Mullvad VPN, which can’t identify you because your account is literally just a number. No email addresses or any personal information is stored as far as I know! It’s also good enough to fool pretty much everything that tries to tell you where you are, so that’s neat!

I also use add-ons like Chameleon to spoof my profile that gets sent to websites.

I should look into getting a physical address book so I can store any numbers that way instead of storing my contacts on an Android.
Logged




“Snooping as usual, I see?”
SilkSkull
Hero Member ⚓︎
*****


SpaceHey: Friend Me!
iMood: SilkSkull
Matrix: Chat!

View Profile WWW

First 1000 Members!MARIO64.PNGCool Dude AwardJoined 2022!High Speed Ozwomp!
« Reply #10 on: September 21, 2023 @193.46 »

-Using nearly exclusively Open Source Software
-Updating regularly
-Full disk encryption
-Using an adblocker/NoScript
-Using long, complicated passwords.


These are really good tips especially for people not wanting to have to go down the route of a lot of extra software!

Occasionally people will send me obscure zip files; I do sometimes take some extra precautions when opening such zips!

I download them in an isolated virtual machine running linux; and sometimes I will run ClamAV on them to check that nothing is amiss.

So far they have all turned out to be very nice collections of textures and gifs to add to my sites :ha:

That is a really good idea for any potentially weird file, it's also so weird to me to imagine receiving random zip files of gifs xD

I use Librewolf as my browser, which is a fork of Firefox that removes the sneaky telemetry it has.

I use Mullvad VPN, which can’t identify you because your account is literally just a number. No email addresses or any personal information is stored as far as I know! It’s also good enough to fool pretty much everything that tries to tell you where you are, so that’s neat!

I also use add-ons like Chameleon to spoof my profile that gets sent to websites.

I should look into getting a physical address book so I can store any numbers that way instead of storing my contacts on an Android.

I gotta try that add on! I also recommend checking your local drug store or pharmacy for address books!
Logged

She/Her
"Will you stop adding lampposts to my games?"

Pages: [1] Print 
« previous next »
 

Vaguely similar topics! (3)

Anti-Piracy measures in games

Started by Cobra!Board ♖ ∙ Video Games

Replies: 4
Views: 883
Last post August 15, 2022 @685.54
by TheFrugalGamer
privacy/security/anti data-harvesting megalist!

Started by maliceBoard ☆ ∙ Showcase & Links

Replies: 22
Views: 1674
Last post August 29, 2023 @855.32
by Memory
absurd security questions

Started by jBoard ☕︎ ∙ Fun & Forum Games

Replies: 2
Views: 385
Last post January 01, 2024 @213.68
by cursedcalendar

Melonking.Net © Always and ever was! SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies Forum Guide | Rules | RSS | WAP2


MelonLand Badges and Other Melon Sites!

MelonLand Project! Visit the MelonLand Forum! Support the Forum
Visit Melonking.Net! Visit the Gif Gallery! Pixel Sea TamaNOTchi