Adds Physical Security Section

Alicia Sykes 2020-06-13 14:54:33 +01:00 committed by GitHub
parent 7eea96f9b5
commit b9767ed6cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -18,6 +18,7 @@
[<img src="https://i.ibb.co/ZftcgJq/8-computers-36x36.png" width="28" height="28" /> Personal Computers](#personal-computers)<br>
[<img src="https://i.ibb.co/b2S9372/9-smart-home-36x36.png" width="28" height="28" /> Smart Home](#smart-home)<br>
[<img src="https://i.ibb.co/KVPV1Lk/10-human-36x36.png" width="28" height="28" /> Human Aspect](#sensible-computing)<br>
[<img src="https://i.ibb.co/9NbhBww/11-physical-36x36.png" width="28" height="28" /> Physical Security](#physical-security)<br>
**Too long? 🦒** See the [TLDR version](/2_TLDR_Short_List.md) instead.
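Review bot: The `<img>` in the new Physical Security entry has no `alt` attribute, so the icon carries nothing for screen readers and leaves a broken-image marker if the i.ibb.co file fails to load; since the link text already names the section, `alt=""` would do. The neighbouring entries have the same gap and could be fixed in the same pass. The `#physical-security` anchor matches the `## Physical Security` heading added further down.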
@ -381,9 +382,38 @@ Many data breaches, hacks and attacks are caused by human error. The following l
**Use a forwarding address** | Advanced | Have all mail addressed to a PO Box or forwarding address, to prevent any commerce, utility, finance, media or other companies knowing your read address. This would give you an extra layer of protecting if they suffered a breach, sold on personal details or were presented with a court order
**Use anonymous payment methods** | Advanced | Paying online with credit or debit card involves entering personal details, including name and residential address. Paying with cryptocurrency will not require you to enter any identifiable information. Both [Monero](https://www.getmonero.org) and [Zcash](https://z.cash/) are totally anonymous, and so best for privacy. See also: [Anonymous Payment Methods](/5_Privacy_Respecting_Software.md#payment-methods)
**See also**: [Online Tools](/5_Privacy_Respecting_Software.md#online-tools)
## Physical Security
Public records often include sensitive personal data (full name, date of birth, phone number, email, address, ethnicity etc), and are gathered from a range of sources (census records, birth/ death/ marriage certificates, voter registrants, marketing information, customer databases, motor vehicle records, professional/ business licenses and all court files in full detail). This sensitive personal information is [easy and legal to access](https://www.consumerreports.org/consumerist/its-creepy-but-not-illegal-for-this-website-to-provide-all-your-public-info-to-anyone/), which raises some [serious privacy concerns](https://privacyrights.org/resources/public-records-internet-privacy-dilemma) (identity theft, personal safety risks/ stalkers, destruction of reputations, dossier society)
CCTV is one of the major ways that the corporations, individuals and the government tracks your movements. In London, UK the average person is caught on camera about 500 times per day. This network is continuing to grow, and in many cities around the world, facial recognition is being rolled out, meaning the state can know the identity of residents on the footage in real-time.
Strong authentication, encrypted devices, patched software and anonymous web browsing may be of little use if someone is able to physically compromise you, your devices and your data. This section outlines some basic methods for physical security
**Security** | **Priority** | **Details and Hints**
--- | --- | ---
**Destroy Sensitive Documents** | Recommended | Instead of disposing of paperwork in the trash, you should first shred it, or take steps to redact any personally identifiable information. This will help protect you from identity theft, reduce the chance of blackmail and keep confidential data confidential
**Opt-Out of Public Records** | Recommended | People search websites (such as [WhitePages](https://www.whitepages.com), [Spokeo](https://www.spokeo.com) and [Radaris](https://radaris.com)) list public records, including: full name, date of birth, address, and phone number. Some sites go further, showing place of work, previous addresses, criminal records and photos. This is bad for privacy, and can make you a target for fraud. It is recommended to contact these sites, and opt-out from these listings. Methods for doing so range considerably between countries and states, see [Personal Data Removal Workbook](https://inteltechniques.com/data/workbook.pdf) by Michael Bazzell or [Word Privacy Forum Opt-Out Guide](https://www.worldprivacyforum.org/2015/08/consumer-tips-top-ten-opt-outs/) or The LifeWire [Remove Personal Information Guide](https://www.lifewire.com/remove-personal-information-from-internet-3482691) to get started
**Don't Reveal Info on Inbound Calls** | Recommended | Only share sensitive personal data on outbound calls/ communications that you have initiated. Ensure the phone number is correct, and listen for anything that doesn't sound right. If a company phones you, and asks any questions, hang up and phone them back on their official number
**Stay Alert** | Recommended | Stay aware of your surroundings. Whenever you step into a new environment, take a moment to assess potential risks. Listen to your instincts, when approached by an unknown individual. Ensure you are not being followed, when you approach your home address. Understand basic self-defense principle, and know how to put them into practice to defend yourself, if needed
**Secure Perimeter** | Recommended | Maintain physical and structural integrity to all locations where devices with personal info are stored, and ensure steps have been put in place to stop any unauthorized access. Minimize external access: doors, windows, vents. Maintain locking devices responsibly: Keep keys safe, don't use guessable combinations, have multiple locks, change locks after a breach or potential risk. Consider intrusion detection systems, such as alarms and closed circuit monitoring. Make sure walls are structurally sound, and if there is a drop ceiling, ensure walls continue up into the ceiling. When inside - don't trust door chain lock and cover door peep hole
**Physically Secure Devices** | Recommended | Use a Kensington lock to secure your device. Never leave devices unattended. Cover your web cam, consider a microphone block or disable it when not in use, use a USB data blocker when charging devices, use a privacy screen when working in public spaces
**Keep Devices Out of Direct Sight** | Recommended | It is possible for an adversary to [communicate with voice assistants with lasers](https://arstechnica.com/information-technology/2019/11/researchers-hack-siri-alexa-and-google-home-by-shining-lasers-at-them/) at a certain frequency. This can be mitigated by keeping devices out direct line of sight from windows. Any electronics visible from outside, may also pose a risk from theft, and hence should be stored somewhere safe
**Protect your PIN** | Recommended | When entering a code or password (such as unlocking device, withdrawing money from an ATM, or inputting a building access code), ensure that no one is watching over your shoulder, and they you are not in direct line of sight of a camera. Cover the keypad while entering the code to shield your PIN. After entering your PIN on a touch screen device, wipe over the screen to ensure your PIN can not be determined from smudge marks left by skin.
**Check for Skimmers** | Recommended | Before entering your card into an ATM, check for any signs that it may have been tampered with. You could use a card [skimmer detector](https://lab401.com/products/hunter-cat-card-skimmer-detector), or try to pull the card intake device to ensure it's firmly fitted. Watch out for other signs of compromise, such as small cameras, keypad covers or blockage on the cash out slot. This also applies to any public device that requires biometric or personal data to complete an action.
**Protect your Home Address** | Optional | Don't set your home address in your phones settings, instead consider selecting a location in a similar region to where you live. Consider storing devices in faraday cage when at your home address. For deliveries, consider using an alias names, and if possible a forwarding or pickup address for receiving online deliveries. You could also combine this with anonymous payment (such as virtual card numbers/ privacy.com, cryptocurrency or cash), and a forwarding email address or VOIP number
**Use a PIN, Not Biometrics** | Advanced | For situations where law enforcement may be involved (such as a protest, or journalism), if your device is seized, authorities can not force you to hand over your device pin code, however they can ask for your fingerprint or face scan to unlock a device. Therefore in these situations disable biometric unlock.
**Reduce exposure to CCTV** | Advanced | Wearing a hat, hoodie, dark glasses or face cover can make it harder for your identity to be known. Less busy streets tend to have fewer cameras. Knowing where cameras in your local area are, can help you avoid being caught on them. See more in [this article](http://snallabolaget.com/hiding-from-surveillance-how-and-why) by Snälla Bolaget
**Anti-Facial Recognition Clothing** | Advanced | Most facial-recognition methods can be easily tricked with certain [patterns](https://www.theguardian.com/technology/2017/jan/04/anti-surveillance-clothing-facial-recognition-hyperface). Example products from: [Adversarial Fashion](https://adversarialfashion.com) or this item on [Redbubble](https://www.redbubble.com/i/t-shirt/Anti-Surveillance-Clothing-by-Naamiko/24714049.1YYVU).
**Reduce Night Vision Exposure** | Advanced | Infrared night vision cameras are very easy to block, by using a small IR light source, which is invisible to the human eye, but blinds night vision cameras. Alternatively super-reflective glasses (see [Reflectacles](https://www.reflectacles.com)) can also fool night vision cameras.
**Protect your DNA** | Advanced | DNA is totally unique person-to-person, and can directly identify you. Therefore it is important to avoid sharing this information, [do not submit your DNA to heritage websites](https://internethealthreport.org/2019/23-reasons-not-to-reveal-your-dna/), be careful about [where you leave your DNA](https://youtu.be/MoX_BDWZUG0).
----
#### There's more to check out!
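Review bot: In the "Use a PIN, Not Biometrics" row, "authorities can not force you to hand over your device pin code" is stated as if it applied everywhere, but whether a passcode can be compelled depends on the jurisdiction; suggest scoping the sentence (for example "in some jurisdictions") or linking a source, as other rows do. The "about 500 times per day" CCTV figure in the introduction has no citation, and "lasers at a certain frequency" in the "Keep Devices Out of Direct Sight" row is vaguer than the article it links. Typos in the added rows: "they you are not" (Protect your PIN), "out direct line of sight" (Keep Devices Out of Direct Sight), "Word Privacy Forum" where the linked site is worldprivacyforum.org, "self-defense principle" (Stay Alert) and "an alias names" (Protect your Home Address). The sentence that introduces the section ("This section outlines some basic methods for physical security") comes after the public-records and CCTV paragraphs and would read better first; it also lacks a closing period, as do several rows, while other rows end with one.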