Xmas guide ahead of the pivot
A little information security is just the thing anyone would love to see in their Christmas sock. Here are some notions for keeping Santa's spies from knowing whether you belong on either his naughty or nice lists.
More Americans are worried about their digital security ahead of the in-coming Trump regime, which aims to be adversarial towards many citizens starting on day one. There are a lot of things a person can do to protect their digital footprints, online accounts, access to their data, etc. that won't cost a penny. I put together a list of the better guides on them. But if you want to sprinkle some extra safety under the Christmas tree for someone you care about, well go for it.
These aren't referral links, I'm not getting some naught point of a pence every time someone clicks the checkout for these. I've tried to find a few options that benefit good organisations America is going to need for the next four years where possible.
A sweet selection of security books in non-DRM PDF, ePub or even MOBI formats, on all kinds of ways to learn about network and operating system security, how to poke and prod and work with pilfered documents for good reasons. every purchase supports EFF and the ACLU, both organisations that are going to be busy during the Trump years defending your rights.
For the journalist on your shopping list, the Freedom of the Press Foundation has some good ideas on tech, books and services that can help them lock down their bits, protect their accounts, their sources and their work. It's going to be more important as the incoming regime is fairly outspoken about it's hostility toward an investigative press. At a minimum, get a phyiscal security key for 2FA logins.
Standard computer hard drive encryption is pretty good, but what an attacker really wants is your active, unlocked computer with all your juicy data readily accessible. If you’re out in public — working at a café or somewhere a snatch-and-dash operation could happen — using one of these cables can instantly lock, shut down, or even self-destruct your laptop (configuration preferences depending) if the connection is severed. Just make sure not to screw up and trigger it accidentally yourself!
Get someone you care about a good physical security key for multi-factor authentication. Phishing campaigns and other kinds of account intrusions. The most effective method of protecting your online accounts from takeover is to put some 2FA on it, and the strongest form of 2FA is a physical security key. I'm partial to Yubico's products and the Security Key C linked to above, but there are various brands and shapes that allow for different kinds of hardware. Find what works.
Your mobile is a useful tool for a lot of things, but it's also a snitch. When you want to make sure it's not pinging anything, you can disable lots of things, activate flight mode, etc., or turn it off. And you can knock it into a sack that blocks all the kinds of signals you walk around that asks your mobile who it is. There are several brands and types. GoDark offers a good range.
Privacy screens are must-have travel items for laptops to help limit what people sitting around you at the cafe or hotel lobby can see about your work. You can get these for mobiles, and in the current climate when more people are being encouraged to grass on one another, these should be on more phone screens. This will help keep people around you on the bus, train or sidewalk from catching glances of what you're doing, who you're talking to, or possibly where you're going. There are a lot of makers of these, I'm a fan of 3M for these. While you're at it, get some web cam covers as well, so you can be more certain what your computer is seeing.