Wednesday, February 10, 2016

The security setup of a noob


Lately I got interested in security, more and more. I'm not an expert of security (just read the title of the article :)), but listening to the advice of some expert in this field , I started following some "common rules" and so I came up with my personal security setup.


What I do

First I started updating every software every time that an update was available then I started using a password manager, like LastPass or Keepass. I recommend KeePass for three reason:
  1. Lostpass
  2. Open Source
  3. It's free :)
I recommend LastPass to all who want an elegant interface and who don't care about my three reason to use KeePass! :)


After I started to "secure" my devices and I came up with this:

On my Windows machine:
  1. Encrypted HHDs
  2. VPN: I use NordVPN
  3. DNSCrypt
  4. GlassWire: A network monitor security tool very easy to use and elegant
  5. Malwarebytes Anti-Exploit: to mitigate the threat of 0day
  6. Sandboxie 
  7. Turn UAC to max setting 
On my Linux machine the setup it's almost the same.
I don't use GlassWire (not available for Linux), but I've installed Snort and I'm slowly learning how to use it.

In either my pc I use firefox with the following add-ons (remeber to configure browser plugins as click-to-play):
     

And at last my android phone (Nexus 5 with CyanogenMod 13) setup:

I've also switched to ProtonMail and started using external HDDs to keep a backup of everything that I've.

Another thing that I forgot to write is that it's very important to be either on windows and linux a standard user (don't use admin or root account) with this you reduce the damage that a virus can do.


What I will do

For the moment I don't know how to really improve/fix my setup(any kind of suggestions will be appreciated), but I've some other things that I want to add.
I'll buy one or two Yubikey and I'll build a small fanless pc (to use it like router) where I can put pfSense and start playing with it (all of this when I'll have some money to invest)



WHY?

Sometimes I try to convert someone to use at least a password manager (one time it worked:) ) and I also tell them to take care of their privacy. Usually they respond me with "I don't care if someone (like the government) is spying on me! I have nothing to hide!"

If you get the same response, a clever answers can be the citation of this article:

"If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.



EDITED:

I've improved some of my habits like funbike said. He also suggest to:
  • Unistall Java
    • I need it so I didn't put in my list

Like a lot of people said, I use too many add-ons so I deleted some of them.

If someone want to ask or correct something, improve this setup, suggest a better one, just write it on the comment and I'll add it on this article

10 comments:

  1. "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."

    --Edward Snowden

    ReplyDelete
  2. Very nice collection. Now share with the feral government (pun intended).

    ReplyDelete
  3. pfsense is a pain to work with, but it is a very powerful firewall. I highly recommend it.

    ReplyDelete
  4. Calomel SSL Validation is a nice tool, but it shows red on one of my pages as untrusted. The reason is I'm loading some http content on the page, which I'm doing because its my non-public page, so I'm ok with that breach. However, the plugin doesn't tell me why it is red, just says that the page is untrusted.

    ReplyDelete
    Replies
    1. It can be red when there is a problem with the certificate or when the entire SSL connection cannot be verified.. If you click on the red icon it also should give you more information

      Delete
    2. It doesn't. It just says, "WARNING! BROKEN OR UNTRUSTED (Red 0%)". Of course, this is due to the http data that is loading from Weather Underground on the page. The cert and site work on the normal (public) pages. All I'm saying is that it would be nice if it explained exactly why it was untrusted. Much like IE would.

      Delete
  5. Yes i am totally agreed with this article and i just want say that this article is very nice and very informative article.I will make sure to be reading your blog more. You made a good point but I can't help but wonder, what about the other side? !!!!!!THANKS!!!!!! Search Bar Firefox 57 Quantum addon

    ReplyDelete