mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-12-25 15:29:23 -05:00
feat: added Forward Email
Related to https://github.com/Lissy93/awesome-privacy/pull/201 and https://github.com/Lissy93/email-comparison/pull/13.
This commit is contained in:
parent
b09f0d1dae
commit
a07a767d34
@ -140,10 +140,10 @@ The big companies providing "free" email service, don't have a good reputation f
|
|||||||
**Use Plaintext** | Optional | There are two main types of emails on the internet: plaintext and HTML. The former is strongly preferred for privacy & security as HTML messages often include identifiers in links and inline images, which can collext usage and personal data. There's also numerous risks of remote code execution targetting the HTML parser of your mail client, which can not be exploited if you are using plaintext. For more info, as well as setup instructions for your mail provider, see [UsePlaintext.email](https://useplaintext.email/).
|
**Use Plaintext** | Optional | There are two main types of emails on the internet: plaintext and HTML. The former is strongly preferred for privacy & security as HTML messages often include identifiers in links and inline images, which can collext usage and personal data. There's also numerous risks of remote code execution targetting the HTML parser of your mail client, which can not be exploited if you are using plaintext. For more info, as well as setup instructions for your mail provider, see [UsePlaintext.email](https://useplaintext.email/).
|
||||||
**Don’t connect third-party apps to your email account** | Optional | If you give a third-party app or plug-in (such as Unroll.me, Boomerang, SaneBox etc) full access to your inbox, they effectively have full unhindered access to all your emails and their contents, which poses [significant security and privacy risks](https://zeltser.com/risks-of-email-search-services/)
|
**Don’t connect third-party apps to your email account** | Optional | If you give a third-party app or plug-in (such as Unroll.me, Boomerang, SaneBox etc) full access to your inbox, they effectively have full unhindered access to all your emails and their contents, which poses [significant security and privacy risks](https://zeltser.com/risks-of-email-search-services/)
|
||||||
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you can’t be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential information, unless it is encrypted.
|
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you can’t be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential information, unless it is encrypted.
|
||||||
**Consider Switching to a Secure Mail Provider** | Optional | Secure and reputable email providers such as [ProtonMail](https://protonmail.com) and [Tutanota](https://tutanota.com) allow for end-to-end encryption, full privacy as well as more security-focused features. Unlike typical email providers, your mailbox cannot be read by anyone but you, since all messages are encrypted. Providers such as Google, Microsoft and Yahoo scan messages for advertising, analytics and law enforcement purposes, but this poses a serious security threat
|
**Consider Switching to a Secure Mail Provider** | Optional | Secure and reputable email providers such as [Forward Email](https://forwardemail.net), [ProtonMail](https://protonmail.com) and [Tutanota](https://tutanota.com) allow for end-to-end encryption, full privacy as well as more security-focused features. Unlike typical email providers, your mailbox cannot be read by anyone but you, since all messages are encrypted. Providers such as Google, Microsoft and Yahoo scan messages for advertising, analytics and law enforcement purposes, but this poses a serious security threat
|
||||||
**Use Smart Key** | Advanced | OpenPGP also [does not support](https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection) Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. Therefore, you should take great care to keep your private keys safe. One method of doing so, is to use a USB Smart Key to sign or decrypt messages, allowing you to do so without your private key leaving the USB device. Devices which support this include [NitroKey](https://www.nitrokey.com/), [YubiKey 5](https://www.yubico.com/products/yubikey-5-overview/) (See [Yubico Neo](https://developers.yubico.com/ykneo-openpgp/)), [Smart Card](https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3) (See [guide](https://spin.atomicobject.com/2014/02/09/gnupg-openpgp-smartcard/)), [OnlyKey](https://onlykey.io/)
|
**Use Smart Key** | Advanced | OpenPGP also [does not support](https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection) Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. Therefore, you should take great care to keep your private keys safe. One method of doing so, is to use a USB Smart Key to sign or decrypt messages, allowing you to do so without your private key leaving the USB device. Devices which support this include [NitroKey](https://www.nitrokey.com/), [YubiKey 5](https://www.yubico.com/products/yubikey-5-overview/) (See [Yubico Neo](https://developers.yubico.com/ykneo-openpgp/)), [Smart Card](https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3) (See [guide](https://spin.atomicobject.com/2014/02/09/gnupg-openpgp-smartcard/)), [OnlyKey](https://onlykey.io/)
|
||||||
**Use Aliasing / Anonymous Forwarding** | Advanced | Email aliasing allows messages to be sent to [anything]@my-domain.com and still land in your primary inbox. Effectively allowing you to use a different, unique email address for each service you sign up for. This means if you start receiving spam, you can block that alias and determine which company leaked your email address. More importantly, you do not need to reveal your real email address to any company. <br>[Anonaddy](https://anonaddy.com) and [SimpleLogin](https://simplelogin.io/?slref=bridsqrgvrnavso) are open source anonymous email forwarding service allowing you to create unlimited email aliases, with a free plan
|
**Use Aliasing / Anonymous Forwarding** | Advanced | Email aliasing allows messages to be sent to [anything]@my-domain.com and still land in your primary inbox. Effectively allowing you to use a different, unique email address for each service you sign up for. This means if you start receiving spam, you can block that alias and determine which company leaked your email address. More importantly, you do not need to reveal your real email address to any company. <br>[Anonaddy](https://anonaddy.com) and [SimpleLogin](https://simplelogin.io/?slref=bridsqrgvrnavso) are open source anonymous email forwarding service allowing you to create unlimited email aliases, with a free plan
|
||||||
**Subaddressing** | Optional | An alternative to aliasing is [subaddressing](https://en.wikipedia.org/wiki/Email_address#Subaddressing), where anything after the `+` symbol is omitted during mail delivery, for example you the address yourname+tag@example.com denotes the same delivery address as yourname@example.com. This was defined in [RCF-5233](https://tools.ietf.org/html/rfc5233), and supported by most major mail providers (inc Gmail, YahooMail, Outlook, FastMail and ProtonMail). It enables you to keep track of who shared/ leaked your email address, but unlike aliasing it will not protect against your real address being revealed
|
**Subaddressing** | Optional | An alternative to aliasing is [subaddressing](https://en.wikipedia.org/wiki/Email_address#Subaddressing), where anything after the `+` symbol is omitted during mail delivery, for example you the address yourname+tag@example.com denotes the same delivery address as yourname@example.com. This was defined in [RCF-5233](https://tools.ietf.org/html/rfc5233), and supported by most major mail providers (inc Gmail, YahooMail, Outlook, FastMail, Forward Email and ProtonMail). It enables you to keep track of who shared/ leaked your email address, but unlike aliasing it will not protect against your real address being revealed
|
||||||
**Use a Custom Domain** | Advanced | Using a custom domain, means that even you are not dependent on the address assigned by your mail provider. So you can easily switch providers in the future and do not need to worry about a service being discontinued
|
**Use a Custom Domain** | Advanced | Using a custom domain, means that even you are not dependent on the address assigned by your mail provider. So you can easily switch providers in the future and do not need to worry about a service being discontinued
|
||||||
**Sync with a client for backup** | Advanced | Further to the above, to avoid loosing temporary or permanent access to your emails during an unplanned event (such as an outage or account lock). Thunderbird can sync/ backup messages from multiple accounts via IMAP and store locally on your primary device
|
**Sync with a client for backup** | Advanced | Further to the above, to avoid loosing temporary or permanent access to your emails during an unplanned event (such as an outage or account lock). Thunderbird can sync/ backup messages from multiple accounts via IMAP and store locally on your primary device
|
||||||
**Be Careful with Mail Signatures** | Advanced | You do not know how secure of an email environment the recipient of your message may have. There are several extensions (such as [ZoomInfo](https://www.zoominfo.com)) that automatically crawl messages, and create a detailed database of contact information based upon email signitures, and sometimes message content. If you send an email to someone who has something like this enabled, then you are unknowingly entering your details into this database
|
**Be Careful with Mail Signatures** | Advanced | You do not know how secure of an email environment the recipient of your message may have. There are several extensions (such as [ZoomInfo](https://www.zoominfo.com)) that automatically crawl messages, and create a detailed database of contact information based upon email signitures, and sometimes message content. If you send an email to someone who has something like this enabled, then you are unknowingly entering your details into this database
|
||||||
|
Loading…
Reference in New Issue
Block a user