mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-12-27 16:29:41 -05:00
Merge pull request #83 from matkoniecz/patch-5
simplify, clarify emails and sensitive data
This commit is contained in:
commit
3e5f5362c4
@ -141,7 +141,7 @@ The big companies providing "free" email service, don't have a good reputation f
|
||||
**Disable Automatic Loading of Remote Content** | Recommended | Email messages can contain remote content such as images or stylesheets, often automatically loaded from the server. You should disable this, as it exposes your IP address and device information, and is often used for tracking. For more info, see [this article](https://www.theverge.com/2019/7/3/20680903/email-pixel-trackers-how-to-stop-images-automatic-download)
|
||||
**Use Plaintext** | Optional | There are two main types of emails on the internet: plaintext and HTML. The former is strongly preferred for privacy & security as HTML messages often include identifiers in links and inline images, which can collext usage and personal data. There's also numerous risks of remote code execution targetting the HTML parser of your mail client, which can not be exploited if you are using plaintext. For more info, as well as setup instructions for your mail provider, see [UsePlaintext.email](https://useplaintext.email/).
|
||||
**Don’t connect third-party apps to your email account** | Optional | If you give a third-party app or plug-in (such as Unroll.me, Boomerang, SaneBox etc) full access to your inbox, they effectively have full unhindered access to all your emails and their contents, which poses [significant security and privacy risks](https://zeltser.com/risks-of-email-search-services/)
|
||||
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you can’t be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential or personal information, unless it is encrypted/ or both parties are using a secure mail provider
|
||||
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you can’t be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential information, unless it is encrypted.
|
||||
**Consider Switching to a Secure Mail Provider** | Optional | Secure and reputable email providers such as [ProtonMail](https://protonmail.com) and [Tutanota](https://tutanota.com) allow for end-to-end encryption, full privacy as well as more security-focused features. Unlike typical email providers, your mailbox cannot be read by anyone but you, since all messages are encrypted. Providers such as Google, Microsoft and Yahoo scan messages for advertising, analytics and law enforcement purposes, but this poses a serious security threat
|
||||
**Use Smart Key** | Advanced | OpenPGP also [does not support](https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection) Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. Therefore, you should take great care to keep your private keys safe. One method of doing so, is to use a USB Smart Key to sign or decrypt messages, allowing you to do so without your private key leaving the USB device. Devices which support this include [NitroKey](https://www.nitrokey.com/), [YubiKey 5](https://www.yubico.com/products/yubikey-5-overview/) (See [Yubico Neo](https://developers.yubico.com/ykneo-openpgp/)), [Smart Card](https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3) (See [guide](https://spin.atomicobject.com/2014/02/09/gnupg-openpgp-smartcard/)), [OnlyKey](https://onlykey.io/)
|
||||
**Use Aliasing / Anonymous Forwarding** | Advanced | Email aliasing allows messages to be sent to [anything]@my-domain.com and still land in your primary inbox. Effectively allowing you to use a different, unique email address for each service you sign up for. This means if you start receiving spam, you can block that alias and determine which company leaked your email address. More importantly, you do not need to reveal your real email address to any company. <br>[Anonaddy](https://anonaddy.com) and [SimpleLogin](https://simplelogin.io/?slref=bridsqrgvrnavso) are open source anonymous email forwarding service allowing you to create unlimited email aliases, with a free plan
|
||||
|
Loading…
Reference in New Issue
Block a user