Links

Apps

Anti-Malware

a.k.a. Anti-Virus, Anti-Spyware, Anti-Adware, etc.

SEE UPDATES
Windows Defender is built into Windows 10 and provides Malware protection by default; just run your UPDATES
Most devices include Anti-Malware protection as part of their UPDATES
It is generally more important to UPDATE than to add additional layers of protection.
Multiple Anti-Malware software that is designed to work alone may even conflict and attempt to detect and remove each other!

Sophos Home Free for macOS

Backups

Backblaze - The 3-2-1 Backup Strategy
A 3-2-1 strategy means having at least 3 total copies of your data, 2 of which are local but on different mediums (read: devices), and at least 1 copy offsite.

2 of which are local but on different mediums:

at least 1 copy offsite:

  • Device(s) stored in different physical location(s) far enough apart to avoid simultaneous loss/theft
  • Other Cloud Storage Providers (Amazon, Google, Microsoft, etc.)
  • Backblaze – Paid service: Never lose a file again. Get unlimited cloud backup for your Mac or PC.

Other Backups

Make sure these backups are either in your 3-2-1 Backup Strategy or an equal/better solution.

  • Cake – Free End of Life Planning

CryptoParties

Devices

Password Managers

Resources

  • EFF Surveillance Self-Defense – Surveillance Self-Defense: TIPS, TOOLS AND HOW-TOS FOR SAFER ONLINE COMMUNICATIONS
  • The Coalition Against Stalkerware – convened in 2019 in order to facilitate communication between those organizations working to combat domestic violence and the security community.
  • Security Checklist – An open source checklist of resources designed to improve your online privacy and security.
  • privacytools.io – Provides knowledge and tools to protect your privacy against global mass surveillance.
  • PrivacyHaus – Use secure apps and services to help keep your privacy intact.
  • Prism Break – Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Stop governments from spying on you by encrypting your communications and ending your reliance on proprietary services.
  • Plain Text Project - Tools – This is an ever-expanding list of tools that can help you work and live more efficiently in plain text.
  • Opensource.Builders – Find open-source alternatives for your favorite apps

Secure Messaging

How to: Avoid Phishing Attacks
How to Choose the Right Messenger

Why You Should Stop Using Telegram Right Now
Why I told my friends to stop using WhatsApp and Telegram

Cutting the Wire
Messaging app Wire confirms $8.2M raise, responds to privacy concerns after moving holding company to the US

Secure File Storage / Sharing

  • Keybase – Secure groups, files, and chat for everyone! 250 gigabytes free!
  • Cryptomator – Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.
  • Boxcryptor – Allows you to create and use local device-only encrypted vaults without requiring an account.
  • Syncthing – Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized.
  • VeraCrypt – VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.

Security Plan (Threat Modeling)

Services

  • Abine Blur – Simply better passwords, payments, & privacy.
  • Android Find My Device – If you’ve added a Google Account to your device, Find My Device is automatically turned on.
  • Apple iCloud Find My – One place to find your (Apple) devices and friends.
  • CryptPad – CryptPad is a private-by-design alternative to popular office tools and cloud services. All the content stored on CryptPad is encrypted before being sent, which means nobody can access your data unless you give them the keys (not even us).
  • Internet Archive – Internet Archive is a non-profit library of millions of free books, movies, software, music, websites, and more.
  • JotForm – Great alternative to Google Forms and features Encrypted Forms!
  • NeverSSL – This website is for when you try to open Facebook, Google, Amazon, etc on a wifi network, and nothing happens. Type “http://neverssl.com” into your browser’s url bar, and you’ll be able to log on.
  • RiseUp – Provides online communication tools for people and groups working on liberatory social change.
  • RiseUp Pad – Real-time group collaboration of text documents. Riseup does not store IP addresses, we require https, and pads are automatically destroyed after 30 days of inactivity.

Paid:

  • Abine DeleteMe – Because it’s too easy for anyone to find you.
  • iVerify – iVerify monitors your device security, notifies you when an issue is detected, and provides actionable steps to take to mitigate any risks. Paid App: $2.99, iOS Only

Two-Factor

  • KeePassXC – KeePassXC allows me to store my TOTP secrets. Doesn’t this alleviate any advantage of two-factor authentication?
  • FreeOTP – Free and Open Source Software (FOSS) App for TOTP (Google Authenticator) and HOTP One-Time Passcodes (OTP)
  • Turn On 2FA – Provides an explanation of 2FA and how it protects online accounts from compromise as well as a directory of step-by-step tutorials on enabling the security feature on 100s of top websites.
  • Two Factor Auth (2FA) – List of websites and whether or not they support 2FA.
  • USB Dongle Authentication – List of websites and whether or not they support One Time Passwords (OTP) or Universal 2nd Factor (U2F).

Updates

Remember to run a BACKUP before Updates to avoid potential data loss!

UEFI / BIOS / Firmware Updates

Apple, Microsoft Surface, and Google Chromebooks perform these updates through their built-in regular update applications.
Note that you may need to check with the vendor of any custom/specific devices (SuperMicro, system76, Purism, PINE64, etc.)

If a device or program have become Unsupported / End of Life / Obsolete you should fully upgrade/replace ASAP.

VPN

Web Browsing

How to: Avoid Phishing Attacks

  • Firefox – Firefox is made by Mozilla, the non-profit champions of a healthy internet.
  • Firefox Focus – A dedicated privacy browser with tracking protection and content blocking for your smartphone (iOS & Android)
  • DuckDuckGo – The search engine that doesn’t track you.
  • Cliqz – Cliqz develops digital key technologies as a European alternative to the market dominating US platforms. These include independent search engine, browser and privacy technologies as well as new techniques for responsible advertising and statistical data collection for the benefit of all users.

Web Browser Extensions / Add-ons

Web Browsing: Anonymous

  • Tor Browser Bundle – Tor Browser contains everything you need to safely browse the Internet.
  • OnionShare – Open source tool that lets you securely and anonymously share a file of any size.
  • Tails – Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity.
  • Whonix – Whonix is a desktop operating system designed for advanced security and privacy.