Merge pull request #245 from Lissy93/FEAT/update-levels

Feat/update levels
This commit is contained in:
Alicia Sykes 2024-03-10 23:06:12 +00:00 committed by GitHub
commit 6aef521761
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 108 additions and 236 deletions

View File

@ -17,7 +17,7 @@
"type": "object", "type": "object",
"properties": { "properties": {
"point": { "type": "string" }, "point": { "type": "string" },
"priority": { "type": "string", "enum": ["recommended", "optional", "advanced"] }, "priority": { "type": "string", "enum": ["essential", "optional", "advanced"] },
"details": { "type": "string" } "details": { "type": "string" }
}, },
"required": ["point", "priority", "details"] "required": ["point", "priority", "details"]

View File

@ -10,7 +10,7 @@
2-factor authentication, keep on top of breaches and take care while logging into your accounts. 2-factor authentication, keep on top of breaches and take care while logging into your accounts.
checklist: checklist:
- point: Use a Strong Password - point: Use a Strong Password
priority: Recommended priority: Essential
details: >- details: >-
If your password is too short, or contains dictionary words, places or names- then it can be easily If your password is too short, or contains dictionary words, places or names- then it can be easily
cracked through brute force, or guessed by someone. The easiest way to make a strong password, is by cracked through brute force, or guessed by someone. The easiest way to make a strong password, is by
@ -21,7 +21,7 @@
[securityinabox.org](https://securityinabox.org/en/passwords/passwords-and-2fa/) [securityinabox.org](https://securityinabox.org/en/passwords/passwords-and-2fa/)
- point: Don't reuse Passwords - point: Don't reuse Passwords
priority: Recommended priority: Essential
details: >- details: >-
If someone was to reuse a password, and one site they had an account with suffered a leak, then a If someone was to reuse a password, and one site they had an account with suffered a leak, then a
criminal could easily gain unauthorized access to their other accounts. This is usually done through criminal could easily gain unauthorized access to their other accounts. This is usually done through
@ -29,7 +29,7 @@
too common, but it's simple to protect against- use a different password for each of your online accounts too common, but it's simple to protect against- use a different password for each of your online accounts
- point: Use a Secure Password Manager - point: Use a Secure Password Manager
priority: Recommended priority: Essential
details: >- details: >-
For most people it is going to be near-impossible to remember hundreds of strong and unique passwords. For most people it is going to be near-impossible to remember hundreds of strong and unique passwords.
A password manager is an application that generates, stores and auto-fills your login credentials for you. A password manager is an application that generates, stores and auto-fills your login credentials for you.
@ -39,7 +39,7 @@
[Recommended Password Managers](https://github.com/Lissy93/awesome-privacy#password-managers) [Recommended Password Managers](https://github.com/Lissy93/awesome-privacy#password-managers)
- point: Avoid sharing passwords - point: Avoid sharing passwords
priority: Recommended priority: Essential
details: >- details: >-
While there may be times that you need to share access to an account with another person, you should While there may be times that you need to share access to an account with another person, you should
generally avoid doing this because it makes it easier for the account to become compromised. If you generally avoid doing this because it makes it easier for the account to become compromised. If you
@ -47,7 +47,7 @@
should be done via features built into a password manager. should be done via features built into a password manager.
- point: Enable 2-Factor Authentication - point: Enable 2-Factor Authentication
priority: Recommended priority: Essential
details: >- details: >-
2FA is where you must provide both something you know (a password) and something you have (such as a 2FA is where you must provide both something you know (a password) and something you have (such as a
code on your phone) to log in. This means that if anyone has got your password (e.g. through phishing, code on your phone) to log in. This means that if anyone has got your password (e.g. through phishing,
@ -58,7 +58,7 @@
(it works without internet, and the code usually changes every 30-seconds) (it works without internet, and the code usually changes every 30-seconds)
- point: Keep Backup Codes Safe - point: Keep Backup Codes Safe
priority: Recommended priority: Essential
details: >- details: >-
When you enable multi-factor authentication, you will usually be given several codes that you can use if When you enable multi-factor authentication, you will usually be given several codes that you can use if
your 2FA method is lost, broken or unavailable. Keep these codes somewhere safe to prevent loss or your 2FA method is lost, broken or unavailable. Keep these codes somewhere safe to prevent loss or
@ -229,7 +229,7 @@
minimise online tracking and improve privacy. minimise online tracking and improve privacy.
checklist: checklist:
- point: Block Ads - point: Block Ads
priority: Recommended priority: Essential
details: >- details: >-
Using an ad-blocker can help improve your privacy, by blocking the trackers that ads implement. Using an ad-blocker can help improve your privacy, by blocking the trackers that ads implement.
[uBlock Origin](https://github.com/gorhill/uBlock) is a very efficient and open source browser addon, [uBlock Origin](https://github.com/gorhill/uBlock) is a very efficient and open source browser addon,
@ -261,7 +261,7 @@
and [how to remove browser malware](https://heimdalsecurity.com/blog/malware-removal). and [how to remove browser malware](https://heimdalsecurity.com/blog/malware-removal).
- point: Use a Privacy-Respecting Browser - point: Use a Privacy-Respecting Browser
priority: Recommended priority: Essential
details: >- details: >-
[Firefox](https://www.mozilla.org/en-US/firefox/new) (with a few tweaks) and [Brave](https://brave.com) [Firefox](https://www.mozilla.org/en-US/firefox/new) (with a few tweaks) and [Brave](https://brave.com)
are secure, private-respecting browsers. Both are fast, open source, user-friendly and available on all are secure, private-respecting browsers. Both are fast, open source, user-friendly and available on all
@ -272,7 +272,7 @@
user.js configs. See more: [Privacy Browsers](https://github.com/Lissy93/awesome-privacy#browsers). user.js configs. See more: [Privacy Browsers](https://github.com/Lissy93/awesome-privacy#browsers).
- point: Use a Private Search Engine - point: Use a Private Search Engine
priority: Recommended priority: Essential
details: >- details: >-
Using a privacy-preserving, non-tracking search engine, will reduce risk that your search terms are not Using a privacy-preserving, non-tracking search engine, will reduce risk that your search terms are not
logged, or used against you. Consider [DuckDuckGo](https://duckduckgo.com), [Qwant](https://www.qwant.com), logged, or used against you. Consider [DuckDuckGo](https://duckduckgo.com), [Qwant](https://www.qwant.com),
@ -283,7 +283,7 @@
to a privacy-respecting search engine. to a privacy-respecting search engine.
- point: Remove Unnecessary Browser Addons - point: Remove Unnecessary Browser Addons
priority: Recommended priority: Essential
details: >- details: >-
Extensions are able to see, log or modify anything you do in the browser, and some innocent looking Extensions are able to see, log or modify anything you do in the browser, and some innocent looking
browser apps, have malicious intentions. Websites can see which extensions you have installed, and may browser apps, have malicious intentions. Websites can see which extensions you have installed, and may
@ -292,7 +292,7 @@
Check the reviews. Only install extensions you really need, and removed those which you haven't used in a while. Check the reviews. Only install extensions you really need, and removed those which you haven't used in a while.
- point: Keep Browser Up-to-date - point: Keep Browser Up-to-date
priority: Recommended priority: Essential
details: >- details: >-
Browser vulnerabilities are constantly being [discovered](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=browser) Browser vulnerabilities are constantly being [discovered](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=browser)
and patched, so its important to keep it up to date, to avoid a zero-day exploit. You can [see which browser and patched, so its important to keep it up to date, to avoid a zero-day exploit. You can [see which browser
@ -300,7 +300,7 @@
for instructions on how to update. Some browsers will auto-update to the latest stable version. for instructions on how to update. Some browsers will auto-update to the latest stable version.
- point: Check for HTTPS - point: Check for HTTPS
priority: Recommended priority: Essential
details: >- details: >-
If you enter information on a non-HTTPS website, this data is transported unencrypted and can therefore If you enter information on a non-HTTPS website, this data is transported unencrypted and can therefore
be read by anyone who intercepts it. Do not enter any data on a non-HTTPS website, but also do not let be read by anyone who intercepts it. Do not enter any data on a non-HTTPS website, but also do not let
@ -312,7 +312,7 @@
for Firefox, Chrome, Edge and Safari browsers on how to enable their HTTPS secure protections. for Firefox, Chrome, Edge and Safari browsers on how to enable their HTTPS secure protections.
- point: Use DNS-over-HTTPS - point: Use DNS-over-HTTPS
priority: Recommended priority: Essential
details: >- details: >-
Traditional DNS makes requests in plain text for everyone to see. It allows for eavesdropping and Traditional DNS makes requests in plain text for everyone to see. It allows for eavesdropping and
manipulation of DNS data through man-in-the-middle attacks. Whereas DNS-over-HTTPS performs DNS manipulation of DNS data through man-in-the-middle attacks. Whereas DNS-over-HTTPS performs DNS
@ -321,7 +321,7 @@
Note that DoH comes with its own issues, mostly preventing web filtering. Note that DoH comes with its own issues, mostly preventing web filtering.
- point: Multi-Session Containers - point: Multi-Session Containers
priority: Recommended priority: Essential
details: >- details: >-
Compartmentalisation is really important to keep different aspects of your browsing separate. For Compartmentalisation is really important to keep different aspects of your browsing separate. For
example, using different profiles for work, general browsing, social media, online shopping etc example, using different profiles for work, general browsing, social media, online shopping etc
@ -330,35 +330,35 @@
use different browsers for different tasks (Brave, Firefox, Tor etc). use different browsers for different tasks (Brave, Firefox, Tor etc).
- point: Use Incognito - point: Use Incognito
priority: Recommended priority: Essential
details: >- details: >-
When using someone else's machine, ensure that you're in a private/ incognito session. This will When using someone else's machine, ensure that you're in a private/ incognito session. This will
prevent browser history, cookies and some data being saved, but is not fool-proof- you can still prevent browser history, cookies and some data being saved, but is not fool-proof- you can still
be tracked. be tracked.
- point: Understand Your Browser Fingerprint - point: Understand Your Browser Fingerprint
priority: Recommended priority: Essential
details: >- details: >-
Browser Fingerprinting is an incredibly accurate method of tracking, where a website identifies you Browser Fingerprinting is an incredibly accurate method of tracking, where a website identifies you
based on your device information. You can view your fingerprint at amiunique.org- The aim is to be based on your device information. You can view your fingerprint at amiunique.org- The aim is to be
as un-unique as possible. as un-unique as possible.
- point: Manage Cookies - point: Manage Cookies
priority: Recommended priority: Essential
details: >- details: >-
Clearing cookies regularly is one step you can take to help reduce websites from tracking you. Clearing cookies regularly is one step you can take to help reduce websites from tracking you.
Cookies may also store your session token, which if captured, would allow someone to access your Cookies may also store your session token, which if captured, would allow someone to access your
accounts without credentials. To mitigate this you should clear cookies often. accounts without credentials. To mitigate this you should clear cookies often.
- point: Block Third-Party Cookies - point: Block Third-Party Cookies
priority: Recommended priority: Essential
details: >- details: >-
Third-party cookies placed on your device by a website other than the one youre visiting. This Third-party cookies placed on your device by a website other than the one youre visiting. This
poses a privacy risk, as a 3rd entity can collect data from your current session. This guide explains poses a privacy risk, as a 3rd entity can collect data from your current session. This guide explains
how you can disable 3rd-party cookies, and you can check here ensure this worked. how you can disable 3rd-party cookies, and you can check here ensure this worked.
- point: Block Third-Party Trackers - point: Block Third-Party Trackers
priority: Recommended priority: Essential
details: >- details: >-
Blocking trackers will help to stop websites, advertisers, analytics and more from tracking you in Blocking trackers will help to stop websites, advertisers, analytics and more from tracking you in
the background. Privacy Badger, DuckDuckGo Privacy Essentials, uBlock Origin and uMatrix (advanced) the background. Privacy Badger, DuckDuckGo Privacy Essentials, uBlock Origin and uMatrix (advanced)
@ -555,26 +555,26 @@
checklist: checklist:
- point: Have more than one email address - point: Have more than one email address
priority: Recommended priority: Essential
details: >- details: >-
Consider using a different email address for security-critical communications from trivial mail such Consider using a different email address for security-critical communications from trivial mail such
as newsletters. This compartmentalization could reduce the amount of damage caused by a data breach, as newsletters. This compartmentalization could reduce the amount of damage caused by a data breach,
and also make it easier to recover a compromised account. and also make it easier to recover a compromised account.
- point: Keep Email Address Private - point: Keep Email Address Private
priority: Recommended priority: Essential
details: >- details: >-
Do not share your primary email publicly, as mail addresses are often the starting point for most Do not share your primary email publicly, as mail addresses are often the starting point for most
phishing attacks. phishing attacks.
- point: Keep your Account Secure - point: Keep your Account Secure
priority: Recommended priority: Essential
details: >- details: >-
Use a long and unique password, enable 2FA and be careful while logging in. Your email account Use a long and unique password, enable 2FA and be careful while logging in. Your email account
provides an easy entry point to all your other online accounts for an attacker. provides an easy entry point to all your other online accounts for an attacker.
- point: Disable Automatic Loading of Remote Content - point: Disable Automatic Loading of Remote Content
priority: Recommended priority: Essential
details: >- details: >-
Email messages can contain remote content such as images or stylesheets, often automatically loaded Email messages can contain remote content such as images or stylesheets, often automatically loaded
from the server. You should disable this, as it exposes your IP address and device information, and from the server. You should disable this, as it exposes your IP address and device information, and
@ -709,7 +709,7 @@
intro: '' intro: ''
checklist: checklist:
- point: Only Use Fully End-to-End Encrypted Messengers - point: Only Use Fully End-to-End Encrypted Messengers
priority: Recommended priority: Essential
details: >- details: >-
End-to-end encryption is a system of communication where messages are encrypted on your device and End-to-end encryption is a system of communication where messages are encrypted on your device and
not decrypted until they reach the intended recipient. This ensures that any actor who intercepts not decrypted until they reach the intended recipient. This ensures that any actor who intercepts
@ -717,43 +717,43 @@
data is stored. data is stored.
- point: Use only Open Source Messaging Platforms - point: Use only Open Source Messaging Platforms
priority: Recommended priority: Essential
details: >- details: >-
If code is open source then it can be independently examined and audited by anyone qualified to do If code is open source then it can be independently examined and audited by anyone qualified to do
so, to ensure that there are no backdoors, vulnerabilities, or other security issues. so, to ensure that there are no backdoors, vulnerabilities, or other security issues.
- point: Use a "Trustworthy" Messaging Platform - point: Use a "Trustworthy" Messaging Platform
priority: Recommended priority: Essential
details: >- details: >-
When selecting an encrypted messaging app, ensure it's fully open source, stable, actively maintained, When selecting an encrypted messaging app, ensure it's fully open source, stable, actively maintained,
and ideally backed by reputable developers. and ideally backed by reputable developers.
- point: Check Security Settings - point: Check Security Settings
priority: Recommended priority: Essential
details: >- details: >-
Enable security settings, including contact verification, security notifications, and encryption. Enable security settings, including contact verification, security notifications, and encryption.
Disable optional non-security features such as read receipt, last online, and typing notification. Disable optional non-security features such as read receipt, last online, and typing notification.
- point: Ensure your Recipients Environment is Secure - point: Ensure your Recipients Environment is Secure
priority: Recommended priority: Essential
details: >- details: >-
Your conversation can only be as secure as the weakest link. Often the easiest way to infiltrate a Your conversation can only be as secure as the weakest link. Often the easiest way to infiltrate a
communications channel is to target the individual or node with the least protection. communications channel is to target the individual or node with the least protection.
- point: Disable Cloud Services - point: Disable Cloud Services
priority: Recommended priority: Essential
details: >- details: >-
Some mobile messaging apps offer a web or desktop companion. This not only increases attack surface but Some mobile messaging apps offer a web or desktop companion. This not only increases attack surface but
it has been linked to several critical security issues, and should therefore be avoided, if possible. it has been linked to several critical security issues, and should therefore be avoided, if possible.
- point: Secure Group Chats - point: Secure Group Chats
priority: Recommended priority: Essential
details: >- details: >-
The risk of compromise rises exponentially, the more participants are in a group, as the attack surface The risk of compromise rises exponentially, the more participants are in a group, as the attack surface
increases. Periodically check that all participants are legitimate. increases. Periodically check that all participants are legitimate.
- point: Create a Safe Environment for Communication - point: Create a Safe Environment for Communication
priority: Recommended priority: Essential
details: >- details: >-
There are several stages where your digital communications could be monitored or intercepted. This includes: There are several stages where your digital communications could be monitored or intercepted. This includes:
your or your participants' device, your ISP, national gateway or government logging, the messaging provider, your or your participants' device, your ISP, national gateway or government logging, the messaging provider,
@ -852,61 +852,61 @@
effectively public. If possible, avoid using conventional social media networks. effectively public. If possible, avoid using conventional social media networks.
checklist: checklist:
- point: Secure your Account - point: Secure your Account
priority: Recommended priority: Essential
details: >- details: >-
Social media profiles get stolen or taken over all too often. To protect your account: use a unique Social media profiles get stolen or taken over all too often. To protect your account: use a unique
and strong password, and enable 2-factor authentication. and strong password, and enable 2-factor authentication.
- point: Check Privacy Settings - point: Check Privacy Settings
priority: Recommended priority: Essential
details: >- details: >-
Most social networks allow you to control your privacy settings. Ensure that you are comfortable with Most social networks allow you to control your privacy settings. Ensure that you are comfortable with
what data you are currently exposing and to whom. what data you are currently exposing and to whom.
- point: Think of All Interactions as Public - point: Think of All Interactions as Public
priority: Recommended priority: Essential
details: >- details: >-
There are still numerous methods of viewing a users 'private' content across many social networks. There are still numerous methods of viewing a users 'private' content across many social networks.
Therefore, before uploading, posting or commenting on anything, think "Would I mind if this was totally public?" Therefore, before uploading, posting or commenting on anything, think "Would I mind if this was totally public?"
- point: Think of All Interactions as Permanent - point: Think of All Interactions as Permanent
priority: Recommended priority: Essential
details: >- details: >-
Pretty much every post, comment, photo etc is being continuously backed up by a myriad of third-party Pretty much every post, comment, photo etc is being continuously backed up by a myriad of third-party
services, who archive this data and make it indexable and publicly available almost forever. services, who archive this data and make it indexable and publicly available almost forever.
- point: Don't Reveal too Much - point: Don't Reveal too Much
priority: Recommended priority: Essential
details: >- details: >-
Profile information creates a goldmine of info for hackers, the kind of data that helps them personalize Profile information creates a goldmine of info for hackers, the kind of data that helps them personalize
phishing scams. Avoid sharing too much detail (DoB, Hometown, School etc). phishing scams. Avoid sharing too much detail (DoB, Hometown, School etc).
- point: Be Careful what you Upload - point: Be Careful what you Upload
priority: Recommended priority: Essential
details: >- details: >-
Status updates, comments, check-ins and media can unintentionally reveal a lot more than you intended Status updates, comments, check-ins and media can unintentionally reveal a lot more than you intended
them to. This is especially relevant to photos and videos, which may show things in the background. them to. This is especially relevant to photos and videos, which may show things in the background.
- point: Don't Share Email or Phone Number - point: Don't Share Email or Phone Number
priority: Recommended priority: Essential
details: >- details: >-
Posting your real email address or mobile number, gives hackers, trolls and spammers more munition to Posting your real email address or mobile number, gives hackers, trolls and spammers more munition to
use against you, and can also allow separate aliases, profiles or data points to be connected. use against you, and can also allow separate aliases, profiles or data points to be connected.
- point: Don't Grant Unnecessary Permissions - point: Don't Grant Unnecessary Permissions
priority: Recommended priority: Essential
details: >- details: >-
By default many of the popular social networking apps will ask for permission to access your contacts, By default many of the popular social networking apps will ask for permission to access your contacts,
call log, location, messaging history etc. If they dont need this access, dont grant it. call log, location, messaging history etc. If they dont need this access, dont grant it.
- point: Be Careful of 3rd-Party Integrations - point: Be Careful of 3rd-Party Integrations
priority: Recommended priority: Essential
details: >- details: >-
Avoid signing up for accounts using a Social Network login, revoke access to social apps you no longer Avoid signing up for accounts using a Social Network login, revoke access to social apps you no longer
use. use.
- point: Avoid Publishing Geo Data while still Onsite - point: Avoid Publishing Geo Data while still Onsite
priority: Recommended priority: Essential
details: >- details: >-
If you plan to share any content that reveals a location, then wait until you have left that place. If you plan to share any content that reveals a location, then wait until you have left that place.
This is particularly important when you are taking a trip, at a restaurant, campus, hotel/resort, public This is particularly important when you are taking a trip, at a restaurant, campus, hotel/resort, public
@ -964,25 +964,25 @@
including configuring your router and setting up a VPN. including configuring your router and setting up a VPN.
checklist: checklist:
- point: Use a VPN - point: Use a VPN
priority: Recommended priority: Essential
details: >- details: >-
Use a reputable, paid-for VPN. This can help protect sites you visit from logging your real IP, reduce Use a reputable, paid-for VPN. This can help protect sites you visit from logging your real IP, reduce
the amount of data your ISP can collect, and increase protection on public WiFi. the amount of data your ISP can collect, and increase protection on public WiFi.
- point: Change your Router Password - point: Change your Router Password
priority: Recommended priority: Essential
details: >- details: >-
After getting a new router, change the password. Default router passwords are publicly available, After getting a new router, change the password. Default router passwords are publicly available,
meaning anyone within proximity would be able to connect. meaning anyone within proximity would be able to connect.
- point: Use WPA2, and a strong password - point: Use WPA2, and a strong password
priority: Recommended priority: Essential
details: >- details: >-
There are different authentication protocols for connecting to WiFi. Currently, the most secure options There are different authentication protocols for connecting to WiFi. Currently, the most secure options
are WPA2 and WPA3 (on newer routers). are WPA2 and WPA3 (on newer routers).
- point: Keep router firmware up-to-date - point: Keep router firmware up-to-date
priority: Recommended priority: Essential
details: >- details: >-
Manufacturers release firmware updates that fix security vulnerabilities, implement new standards, and Manufacturers release firmware updates that fix security vulnerabilities, implement new standards, and
sometimes add features or improve the performance of your router. sometimes add features or improve the performance of your router.
@ -1171,31 +1171,31 @@
And this doesn't include all of the internet traffic that intelligence agencies around the world have unhindered access to. And this doesn't include all of the internet traffic that intelligence agencies around the world have unhindered access to.
checklist: checklist:
- point: Encrypt your Device - point: Encrypt your Device
priority: Recommended priority: Essential
details: >- details: >-
In order to keep your data safe from physical access, use file encryption. This will mean if your In order to keep your data safe from physical access, use file encryption. This will mean if your
device is lost or stolen, no one will have access to your data. device is lost or stolen, no one will have access to your data.
- point: Turn off connectivity features that arent being used - point: Turn off connectivity features that arent being used
priority: Recommended priority: Essential
details: >- details: >-
When you're not using WiFi, Bluetooth, NFC etc, turn those features off. There are several common threats When you're not using WiFi, Bluetooth, NFC etc, turn those features off. There are several common threats
that utilise these features. that utilise these features.
- point: Keep app count to a minimum - point: Keep app count to a minimum
priority: Recommended priority: Essential
details: >- details: >-
Uninstall apps that you dont need or use regularly. As apps often run in the background, slowing your Uninstall apps that you dont need or use regularly. As apps often run in the background, slowing your
device down, but also collecting data. device down, but also collecting data.
- point: App Permissions - point: App Permissions
priority: Recommended priority: Essential
details: >- details: >-
Dont grant apps permissions that they dont need. For Android, Bouncer is an app that allows you to grant Dont grant apps permissions that they dont need. For Android, Bouncer is an app that allows you to grant
temporary/ 1-off permissions. temporary/ 1-off permissions.
- point: Only install Apps from official source - point: Only install Apps from official source
priority: Recommended priority: Essential
details: >- details: >-
Applications on Apple App Store and Google Play Store are scanned and cryptographically signed, making them Applications on Apple App Store and Google Play Store are scanned and cryptographically signed, making them
less likely to be malicious. less likely to be malicious.
@ -1207,7 +1207,7 @@
through a compromised USB port. through a compromised USB port.
- point: Set up a mobile carrier PIN - point: Set up a mobile carrier PIN
priority: Recommended priority: Essential
details: >- details: >-
SIM hijacking is when a hacker is able to get your mobile number transferred to their sim. The easiest way SIM hijacking is when a hacker is able to get your mobile number transferred to their sim. The easiest way
to protect against this is to set up a PIN through your mobile provider. to protect against this is to set up a PIN through your mobile provider.
@ -1319,66 +1319,66 @@
compromised can have detrimental effects. compromised can have detrimental effects.
checklist: checklist:
- point: Keep your System up-to-date - point: Keep your System up-to-date
priority: Recommended priority: Essential
details: >- details: >-
System updates contain fixes/patches for security issues, improve performance, and sometimes add new System updates contain fixes/patches for security issues, improve performance, and sometimes add new
features. Install new updates when prompted. features. Install new updates when prompted.
- point: Encrypt your Device - point: Encrypt your Device
priority: Recommended priority: Essential
details: >- details: >-
Use BitLocker for Windows, FileVault on MacOS, or LUKS on Linux, to enable full disk encryption. This Use BitLocker for Windows, FileVault on MacOS, or LUKS on Linux, to enable full disk encryption. This
prevents unauthorized access if your computer is lost or stolen. prevents unauthorized access if your computer is lost or stolen.
- point: Backup Important Data - point: Backup Important Data
priority: Recommended priority: Essential
details: >- details: >-
Maintaining encrypted backups prevents loss due to ransomware, theft, or damage. Consider using Maintaining encrypted backups prevents loss due to ransomware, theft, or damage. Consider using
Cryptomator for cloud files or VeraCrypt for USB drives. Cryptomator for cloud files or VeraCrypt for USB drives.
- point: Be Careful Plugging USB Devices into your Computer - point: Be Careful Plugging USB Devices into your Computer
priority: Recommended priority: Essential
details: >- details: >-
USB devices can pose serious threats. Consider making a USB sanitizer with CIRCLean to safely check USB USB devices can pose serious threats. Consider making a USB sanitizer with CIRCLean to safely check USB
devices. devices.
- point: Activate Screen-Lock when Idle - point: Activate Screen-Lock when Idle
priority: Recommended priority: Essential
details: >- details: >-
Lock your computer when away and set it to require a password on resume from screensaver or sleep to Lock your computer when away and set it to require a password on resume from screensaver or sleep to
prevent unauthorized access. prevent unauthorized access.
- point: Disable Cortana or Siri - point: Disable Cortana or Siri
priority: Recommended priority: Essential
details: >- details: >-
Voice-controlled assistants can have privacy implications due to data sent back for processing. Disable Voice-controlled assistants can have privacy implications due to data sent back for processing. Disable
or limit their listening capabilities. or limit their listening capabilities.
- point: Review your Installed Apps - point: Review your Installed Apps
priority: Recommended priority: Essential
details: >- details: >-
Keep installed applications to a minimum to reduce exposure to vulnerabilities and regularly clear Keep installed applications to a minimum to reduce exposure to vulnerabilities and regularly clear
application caches. application caches.
- point: Manage Permissions - point: Manage Permissions
priority: Recommended priority: Essential
details: >- details: >-
Control which apps have access to your location, camera, microphone, contacts, and other sensitive Control which apps have access to your location, camera, microphone, contacts, and other sensitive
information. information.
- point: Disallow Usage Data from being sent to the Cloud - point: Disallow Usage Data from being sent to the Cloud
priority: Recommended priority: Essential
details: >- details: >-
Limit the amount of usage information or feedback sent to the cloud to protect your privacy. Limit the amount of usage information or feedback sent to the cloud to protect your privacy.
- point: Avoid Quick Unlock - point: Avoid Quick Unlock
priority: Recommended priority: Essential
details: >- details: >-
Use a strong password instead of biometrics or short PINs for unlocking your computer to enhance Use a strong password instead of biometrics or short PINs for unlocking your computer to enhance
security. security.
- point: Power Off Computer, instead of Standby - point: Power Off Computer, instead of Standby
priority: Recommended priority: Essential
details: >- details: >-
Shut down your device when not in use, especially if your disk is encrypted, to keep data secure. Shut down your device when not in use, especially if your disk is encrypted, to keep data secure.
@ -1567,37 +1567,37 @@
internet-connected home devices. internet-connected home devices.
checklist: checklist:
- point: Rename devices to not specify brand/model - point: Rename devices to not specify brand/model
priority: Recommended priority: Essential
details: >- details: >-
Change default device names to something generic to prevent targeted attacks by obscuring brand or model information. Change default device names to something generic to prevent targeted attacks by obscuring brand or model information.
- point: Disable microphone and camera when not in use - point: Disable microphone and camera when not in use
priority: Recommended priority: Essential
details: >- details: >-
Use hardware switches to turn off microphones and cameras on smart devices to protect against accidental recordings or targeted access. Use hardware switches to turn off microphones and cameras on smart devices to protect against accidental recordings or targeted access.
- point: Understand what data is collected, stored and transmitted - point: Understand what data is collected, stored and transmitted
priority: Recommended priority: Essential
details: >- details: >-
Research and ensure comfort with the data handling practices of smart home devices before purchase, avoiding devices that share data with third parties. Research and ensure comfort with the data handling practices of smart home devices before purchase, avoiding devices that share data with third parties.
- point: Set privacy settings, and opt out of sharing data with third parties - point: Set privacy settings, and opt out of sharing data with third parties
priority: Recommended priority: Essential
details: >- details: >-
Adjust app settings for strictest privacy controls and opt-out of data sharing with third parties wherever possible. Adjust app settings for strictest privacy controls and opt-out of data sharing with third parties wherever possible.
- point: Don't link your smart home devices to your real identity - point: Don't link your smart home devices to your real identity
priority: Recommended priority: Essential
details: >- details: >-
Use anonymous usernames and passwords, avoiding sign-up/log-in via social media or other third-party services to maintain privacy. Use anonymous usernames and passwords, avoiding sign-up/log-in via social media or other third-party services to maintain privacy.
- point: Keep firmware up-to-date - point: Keep firmware up-to-date
priority: Recommended priority: Essential
details: >- details: >-
Regularly update smart device firmware to apply security patches and enhancements. Regularly update smart device firmware to apply security patches and enhancements.
- point: Protect your Network - point: Protect your Network
priority: Recommended priority: Essential
details: >- details: >-
Secure your home WiFi and network to prevent unauthorized access to smart devices. Secure your home WiFi and network to prevent unauthorized access to smart devices.
@ -1657,12 +1657,12 @@
for security, but terrible for data privacy. for security, but terrible for data privacy.
checklist: checklist:
- point: Sign up for Fraud Alerts and Credit Monitoring - point: Sign up for Fraud Alerts and Credit Monitoring
priority: Recommended priority: Essential
details: >- details: >-
Enable fraud alerts and credit monitoring through Experian, TransUnion, or Equifax to be alerted of suspicious activity. Enable fraud alerts and credit monitoring through Experian, TransUnion, or Equifax to be alerted of suspicious activity.
- point: Apply a Credit Freeze - point: Apply a Credit Freeze
priority: Recommended priority: Essential
details: >- details: >-
Prevent unauthorized credit inquiries by freezing your credit through Experian, TransUnion, and Equifax. Prevent unauthorized credit inquiries by freezing your credit through Experian, TransUnion, and Equifax.
@ -1731,57 +1731,57 @@
checklist: checklist:
- point: Verify Recipients - point: Verify Recipients
priority: Recommended priority: Essential
details: >- details: >-
Emails can be easily spoofed. Verify the sender's authenticity, especially for sensitive actions, and prefer entering URLs manually rather than clicking links in emails. Emails can be easily spoofed. Verify the sender's authenticity, especially for sensitive actions, and prefer entering URLs manually rather than clicking links in emails.
- point: Don't Trust Your Popup Notifications - point: Don't Trust Your Popup Notifications
priority: Recommended priority: Essential
details: >- details: >-
Fake pop-ups can be deployed by malicious actors. Always check the URL before entering any information on a popup. Fake pop-ups can be deployed by malicious actors. Always check the URL before entering any information on a popup.
- point: Never Leave Device Unattended - point: Never Leave Device Unattended
priority: Recommended priority: Essential
details: >- details: >-
Unattended devices can be compromised even with strong passwords. Use encryption and remote erase features like Find My Phone for lost devices. Unattended devices can be compromised even with strong passwords. Use encryption and remote erase features like Find My Phone for lost devices.
- point: Prevent Camfecting - point: Prevent Camfecting
priority: Recommended priority: Essential
details: >- details: >-
Protect against camfecting by using webcam covers and microphone blockers. Mute home assistants when not in use or discussing sensitive matters. Protect against camfecting by using webcam covers and microphone blockers. Mute home assistants when not in use or discussing sensitive matters.
- point: Stay protected from shoulder surfers - point: Stay protected from shoulder surfers
priority: Recommended priority: Essential
details: >- details: >-
Use privacy screens on laptops and mobiles to prevent others from reading your screen in public spaces. Use privacy screens on laptops and mobiles to prevent others from reading your screen in public spaces.
- point: Educate yourself about phishing attacks - point: Educate yourself about phishing attacks
priority: Recommended priority: Essential
details: >- details: >-
Be cautious of phishing attempts. Verify URLs, context of received messages, and employ good security practices like using 2FA and not reusing passwords. Be cautious of phishing attempts. Verify URLs, context of received messages, and employ good security practices like using 2FA and not reusing passwords.
- point: Watch out for Stalkerware - point: Watch out for Stalkerware
priority: Recommended priority: Essential
details: >- details: >-
Be aware of stalkerware installed by acquaintances for spying. Look out for signs like unusual battery usage and perform factory resets if suspected. Be aware of stalkerware installed by acquaintances for spying. Look out for signs like unusual battery usage and perform factory resets if suspected.
- point: Install Reputable Software from Trusted Sources - point: Install Reputable Software from Trusted Sources
priority: Recommended priority: Essential
details: >- details: >-
Only download software from legitimate sources and check files with tools like Virus Total before installation. Only download software from legitimate sources and check files with tools like Virus Total before installation.
- point: Store personal data securely - point: Store personal data securely
priority: Recommended priority: Essential
details: >- details: >-
Ensure all personal data on devices or in the cloud is encrypted to protect against unauthorized access. Ensure all personal data on devices or in the cloud is encrypted to protect against unauthorized access.
- point: Obscure Personal Details from Documents - point: Obscure Personal Details from Documents
priority: Recommended priority: Essential
details: >- details: >-
When sharing documents, obscure personal details with opaque rectangles to prevent information leakage. When sharing documents, obscure personal details with opaque rectangles to prevent information leakage.
- point: Do not assume a site is secure, just because it is `HTTPS` - point: Do not assume a site is secure, just because it is `HTTPS`
priority: Recommended priority: Essential
details: >- details: >-
HTTPS does not guarantee a website's legitimacy. Verify URLs and exercise caution with personal data. HTTPS does not guarantee a website's legitimacy. Verify URLs and exercise caution with personal data.
@ -1864,43 +1864,43 @@
checklist: checklist:
- point: Destroy Sensitive Documents - point: Destroy Sensitive Documents
priority: Recommended priority: Essential
details: Shred or redact sensitive documents before disposal to protect against identity theft and maintain confidentiality. details: Shred or redact sensitive documents before disposal to protect against identity theft and maintain confidentiality.
- point: Opt-Out of Public Records - point: Opt-Out of Public Records
priority: Recommended priority: Essential
details: Contact people search websites to opt-out from listings that show personal information, using guides like Michael Bazzell's Personal Data Removal Workbook. details: Contact people search websites to opt-out from listings that show personal information, using guides like Michael Bazzell's Personal Data Removal Workbook.
- point: Watermark Documents - point: Watermark Documents
priority: Recommended priority: Essential
details: Add a watermark with the recipient's name and date to digital copies of personal documents to trace the source of a breach. details: Add a watermark with the recipient's name and date to digital copies of personal documents to trace the source of a breach.
- point: Don't Reveal Info on Inbound Calls - point: Don't Reveal Info on Inbound Calls
priority: Recommended priority: Essential
details: Only share personal data on calls you initiate and verify the recipient's phone number. details: Only share personal data on calls you initiate and verify the recipient's phone number.
- point: Stay Alert - point: Stay Alert
priority: Recommended priority: Essential
details: Be aware of your surroundings and assess potential risks in new environments. details: Be aware of your surroundings and assess potential risks in new environments.
- point: Secure Perimeter - point: Secure Perimeter
priority: Recommended priority: Essential
details: Ensure physical security of locations storing personal info devices, minimizing external access and using intrusion detection systems. details: Ensure physical security of locations storing personal info devices, minimizing external access and using intrusion detection systems.
- point: Physically Secure Devices - point: Physically Secure Devices
priority: Recommended priority: Essential
details: Use physical security measures like Kensington locks, webcam covers, and privacy screens for devices. details: Use physical security measures like Kensington locks, webcam covers, and privacy screens for devices.
- point: Keep Devices Out of Direct Sight - point: Keep Devices Out of Direct Sight
priority: Recommended priority: Essential
details: Prevent devices from being visible from outside to mitigate risks from lasers and theft. details: Prevent devices from being visible from outside to mitigate risks from lasers and theft.
- point: Protect your PIN - point: Protect your PIN
priority: Recommended priority: Essential
details: Shield your PIN entry from onlookers and cameras, and clean touchscreens after use. details: Shield your PIN entry from onlookers and cameras, and clean touchscreens after use.
- point: Check for Skimmers - point: Check for Skimmers
priority: Recommended priority: Essential
details: Inspect ATMs and public devices for skimming devices and tampering signs before use. details: Inspect ATMs and public devices for skimming devices and tampering signs before use.
- point: Protect your Home Address - point: Protect your Home Address

View File

@ -1,14 +1,16 @@
import { $, component$ } from "@builder.io/qwik"; import { $, component$, useContext } from "@builder.io/qwik";
import Icon from "~/components/core/icon"; import Icon from "~/components/core/icon";
import { data } from '~/mock-data';
import type { Section } from '~/types/PSC'; import type { Section } from '~/types/PSC';
import { useTheme } from '~/store/theme-store'; import { useTheme } from '~/store/theme-store';
import articles from '~/data/articles'; import articles from '~/data/articles';
import { ChecklistContext } from '~/store/checklist-context';
export default component$(() => { export default component$(() => {
const data = useContext(ChecklistContext);
const { theme, setTheme } = useTheme(); const { theme, setTheme } = useTheme();
const themes = [ const themes = [
@ -50,7 +52,7 @@ export default component$(() => {
Checklists Checklists
</summary> </summary>
<ul class="p-2 bg-base-100 rounded-t-none z-10"> <ul class="p-2 bg-base-100 rounded-t-none z-10">
{data.map((item: Section, index: number) => ( {data.value.map((item: Section, index: number) => (
<li key={`checklist-nav-${index}`} class={`hover:bg-${item.color}-600 hover:bg-opacity-15`}> <li key={`checklist-nav-${index}`} class={`hover:bg-${item.color}-600 hover:bg-opacity-15`}>
<a href={`/checklist/${item.slug}`}> <a href={`/checklist/${item.slug}`}>
<Icon color={item.color} class="mr-2" icon={item.icon} width={16} height={16} /> <Icon color={item.color} class="mr-2" icon={item.icon} width={16} height={16} />
@ -106,7 +108,7 @@ export default component$(() => {
<li> <li>
<a href="/checklist"><Icon class="mr-2" icon="all" width={16} height={16} />Checklists</a> <a href="/checklist"><Icon class="mr-2" icon="all" width={16} height={16} />Checklists</a>
<ul> <ul>
{data.map((item: Section, index: number) => ( {data.value.map((item: Section, index: number) => (
<li key={`checklist-side-${index}`} class={`hover:bg-${item.color}-600 hover:bg-opacity-15`}> <li key={`checklist-side-${index}`} class={`hover:bg-${item.color}-600 hover:bg-opacity-15`}>
<a href={`/checklist/${item.slug}`}> <a href={`/checklist/${item.slug}`}>
<Icon color={item.color} class="mr-2" icon={item.icon} width={16} height={16} /> <Icon color={item.color} class="mr-2" icon={item.icon} width={16} height={16} />

View File

@ -23,7 +23,7 @@ export default component$((props: { section: Section }) => {
const originalFilters = { const originalFilters = {
show: 'all', // 'all', 'remaining', 'completed' show: 'all', // 'all', 'remaining', 'completed'
levels: { levels: {
recommended: true, essential: true,
optional: true, optional: true,
advanced: true, advanced: true,
}, },
@ -33,7 +33,7 @@ export default component$((props: { section: Section }) => {
const getBadgeClass = (priority: Priority, precedeClass: string = '') => { const getBadgeClass = (priority: Priority, precedeClass: string = '') => {
switch (priority.toLocaleLowerCase()) { switch (priority.toLocaleLowerCase()) {
case 'recommended': case 'essential':
return `${precedeClass}success`; return `${precedeClass}success`;
case 'optional': case 'optional':
return `${precedeClass}warning`; return `${precedeClass}warning`;
@ -87,7 +87,7 @@ export default component$((props: { section: Section }) => {
case 'advice': case 'advice':
return item.point; return item.point;
case 'level': case 'level':
return ['recommended', 'optional', 'advanced'].indexOf(item.priority.toLowerCase()); return ['essential', 'optional', 'advanced'].indexOf(item.priority.toLowerCase());
default: default:
return 0; return 0;
} }
@ -198,8 +198,8 @@ export default component$((props: { section: Section }) => {
<span class="text-sm">Basic</span> <span class="text-sm">Basic</span>
<input <input
type="checkbox" type="checkbox"
checked={filterState.levels.recommended} checked={filterState.levels.essential}
onChange$={() => (filterState.levels.recommended = !filterState.levels.recommended)} onChange$={() => (filterState.levels.essential = !filterState.levels.essential)}
class="checkbox checkbox-sm checked:checkbox-success" class="checkbox checkbox-sm checked:checkbox-success"
/> />
</label> </label>

View File

@ -151,7 +151,7 @@ export default component$(() => {
totalProgress.value = progress; totalProgress.value = progress;
}) })
makeDataAndDrawChart('recommended', 'hsl(var(--su, 158 64% 52%))'); makeDataAndDrawChart('essential', 'hsl(var(--su, 158 64% 52%))');
makeDataAndDrawChart('optional', 'hsl(var(--wa, 43 96% 56%))'); makeDataAndDrawChart('optional', 'hsl(var(--wa, 43 96% 56%))');
makeDataAndDrawChart('advanced', 'hsl(var(--er, 0 91% 71%))'); makeDataAndDrawChart('advanced', 'hsl(var(--er, 0 91% 71%))');
})); }));
@ -212,7 +212,7 @@ export default component$(() => {
return Promise.all([ return Promise.all([
buildDataForPriority('advanced', 'hsl(0 91% 71%/75%)'), buildDataForPriority('advanced', 'hsl(0 91% 71%/75%)'),
buildDataForPriority('optional', 'hsl(43 96% 56%/75%)'), buildDataForPriority('optional', 'hsl(43 96% 56%/75%)'),
buildDataForPriority('recommended', 'hsl(158 64% 52%/75%)'), buildDataForPriority('essential', 'hsl(158 64% 52%/75%)'),
]).then(datasets => ({ ]).then(datasets => ({
labels, labels,
datasets, datasets,
@ -274,7 +274,7 @@ export default component$(() => {
})); }));
const items = [ const items = [
{ id: 'recommended-container', label: 'Essential' }, { id: 'essential-container', label: 'Essential' },
{ id: 'optional-container', label: 'Optional' }, { id: 'optional-container', label: 'Optional' },
{ id: 'advanced-container', label: 'Advanced' }, { id: 'advanced-container', label: 'Advanced' },
]; ];

View File

@ -1,130 +0,0 @@
import type { Section } from './types/PSC';
export const data: Section[] = [
{
title: 'Authentication',
slug: 'authentication',
description: 'Securing your online account login credentials',
icon: 'password',
intro: 'Most reported data breaches are caused by the use of weak, default or stolen passwords (according to [this Verizon report](http://www.verizonenterprise.com/resources/reports/rp_dbir-2016-executive-summary_xg_en.pdf)).' +
'Use long, strong and unique passwords, manage them in a secure password manager, enable 2-factor authentication, keep on top of breaches and take care while logging into your accounts.',
checklist: [
{
point: 'Use a Strong Password',
priority: 'recommended',
details: `If your password is too short, or contains dictionary words, places or names- then it can be easily cracked through brute force, or guessed by someone. The easiest way to make a strong password, is by making it long (12+ characters)- consider using a 'passphrase', made up of many words. Alternatively, use a password generator to create a long, strong random password. Have a play with [HowSecureIsMyPassword.net](https://howsecureismypassword.net), to get an idea of how quickly common passwords can be cracked. Read more about creating strong passwords: [securityinabox.org](https://securityinabox.org/en/passwords/passwords-and-2fa/)`,
},
{
point: 'Don\'t reuse Passwords',
priority: 'optional',
details: `If someone was to reuse a password, and one site they had an account with suffered a leak, then a criminal could easily gain unauthorized access to their other accounts. This is usually done through large-scale automated login requests, and it is called Credential Stuffing. Unfortunately this is all too common, but it's simple to protect against- use a different password for each of your online accounts`,
},
{
point: 'Use a Secure Password Manager',
priority: 'advanced',
details: `For most people it is going to be near-impossible to remember hundreds of strong and unique passwords. A password manager is an application that generates, stores and auto-fills your login credentials for you. All your passwords will be encrypted against 1 master passwords (which you must remember, and it should be very strong). Most password managers have browser extensions and mobile apps, so whatever device you are on, your passwords can be auto-filled. A good all-rounder is [BitWarden](https://bitwarden.com), or see [Recommended Password Managers](https://github.com/Lissy93/awesome-privacy#password-managers)`,
},
],
color: 'yellow',
},
{
title: 'Web Browsing',
slug: 'web-browsing',
description: 'Avoiding tracking, censorship, and data collection online',
icon: 'browser',
intro: '',
checklist: [],
color: 'emerald',
},
{
title: 'Email',
slug: 'email',
description: 'Protecting the gateway to your online accounts',
icon: 'email',
intro: '',
checklist: [],
color: 'teal',
},
{
title: 'Messaging',
slug: 'messaging',
description: 'Keeping your communications private and secure',
icon: 'messaging',
intro: '',
checklist: [],
color: 'cyan',
},
{
title: 'Social Media',
slug: 'social-media',
description: 'Minimizing the risks associated with using online communities',
icon: 'social',
intro: '',
checklist: [],
color: 'blue',
},
{
title: 'Networks',
slug: 'networks',
description: 'Safeguarding your network traffic',
icon: 'network',
intro: '',
checklist: [],
color: 'violet',
},
{
title: 'Mobile Devices',
slug: 'mobile-devices',
description: 'Reduce invasive tracking for cells, smartphones and tablets',
icon: 'mobile',
intro: '',
checklist: [],
color: 'fuchsia',
},
{
title: 'Personal Computers',
slug: 'personal-computers',
description: 'Securing your PC\'s operating system, data & activity',
icon: 'computer',
intro: '',
checklist: [],
color: 'pink',
},
{
title: 'Smart Home',
slug: 'smart-home',
description: 'Using IoT devices without compromising your privacy',
icon: 'home',
intro: '',
checklist: [],
color: 'red',
},
{
title: 'Personal Finance',
slug: 'personal-finance',
description: 'Protecting your funds, financial accounts and transactions',
icon: 'finance',
intro: '',
checklist: [],
color: 'purple',
},
{
title: 'Human Aspect',
slug: 'human-aspect',
description: 'Avoiding social engineering security risks',
icon: 'human',
intro: '',
checklist: [],
color: 'indigo',
},
{
title: 'Physical Security',
slug: 'physical-security',
description: 'Taking measures to prevent IRL security incidents',
icon: 'physical',
intro: '',
checklist: [],
color: 'lime',
},
];

View File

@ -18,7 +18,7 @@ export interface Section {
furtherResources?: Link[], furtherResources?: Link[],
} }
export type Priority = 'recommended' | 'optional' | 'advanced'; export type Priority = 'essential' | 'optional' | 'advanced';
export interface Checklist { export interface Checklist {
point: string, point: string,