Don't use public WiFi

This commit is contained in:
Alicia Sykes 2020-01-21 16:24:46 +00:00 committed by GitHub
parent cc01ba4665
commit 04147aa0a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -65,6 +65,7 @@ For more browser security pointers, check out: [Heres How To Get Solid Browse
**Consider a privacy browser** | Optional | Google openly collects usage data on Chrome usage. There are several privacy browsers out there which minimise the amount of data collected. The most popular of which is [Brave Browser](https://brave.com), or [Firefox](https://www.mozilla.org/en-GB/firefox/new/). Others include [Bromite](https://www.bromite.org/), [Epic Browser](https://www.epicbrowser.com/index.html) or [Comodo](https://www.comodo.com/home/browsers-toolbars/browser.php). The most secure option is [Tor Browser](https://www.torproject.org/).
**Use DNS-over-HTTPS** | Optional | Traditional DNS makes requests in plain text for everyone to see, it allows for eavesdropping and manipulation of DNS data by man-in-the-middle attacks. Whereas [DNS-over-HTTPS](https://en.wikipedia.org/wiki/DNS_over_HTTPS) performs DNS resolution via the HTTPS protocol, meaning data between the you and your DNS resolver is encrypted. You can follow [this guide to enable in Firefox](https://support.mozilla.org/en-US/kb/firefox-dns-over-https), for see [CoudFlares 1.1.1.1 Docs](https://1.1.1.1/help).
**Disable WebRTC** | Optional | [WebRTC](https://webrtc.org/) allows high-quality audio/ video communication and peer-to-peer file-sharing straight from the browser. However it can pose as a privacy leak, especially if you are using a proxy or VPN. In FireFox WebRTC can be disabled, by searching for, and disabling `media.peerconnection.enabled` in the settings. For other browsers, the [WebRTC-Leak-Prevent](ttps://github.com/aghorler/WebRTC-Leak-Prevent) extension can be installed. [uBlockOrigin](https://github.com/gorhill/uBlock) also allows WebRTC to be disabled. To learn more, [check out this guide](https://buffered.com/privacy-security/how-to-disable-webrtc-in-various-browsers/).
**Don't Connect to Open WiFi networks** | Optional | Browing the internet while using public or open WiFi may leave you vulnrable to man-in-the-middle attacks, malware distribution or snooping and sniffing. Some hotspots may also be unencrypted, or even malicious. If you do need to briefly use a public WiFi network, ensure you disable file sharing, only visit HTTPS websites and use a VPN. Also remove the network from your saved WiFi list after. See the [networking](#networking) section for more details.
**Use Tor** | Advanced | [The Tor Project](https://www.torproject.org/) privides a browser that encrypts and routes your traffic through multiple nodes, keeping users safe from intercaption and tracking. The draw backs are speed and user experience, but it is the most secure browser option.
**Disable JavaScript** | Advanced | Many modern web apps are JavaScript based, so disabling it will greatly decrease your browsing experience. But if you really want to go all out, then it will reduce your attack surface. Read more about the growing [risk of JavaScript malware](https://heimdalsecurity.com/blog/javascript-malware-explained/).
**Route all desktop traffic via Tor** | Advanced | [Whonix](https://www.whonix.org/) allows for fail-safe, automatic, and desktop-wide use of the Tor network. It's based on Debian, and runs in in a virtual machine. Straigt-forward to install on Windows, OSX or Linux.