mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-12-18 04:04:36 -05:00
Adds email aliasing
This commit is contained in:
parent
da2c5f864e
commit
c5ce51ef3a
@ -76,7 +76,7 @@ For more browser security pointers, check out: [Here’s How To Get Solid Browse
|
||||
**Only use trusted browser add-ons and extensions** | Recommended | Both Firefox and Chrome web stores allow you to check what permissions/access rights an extension requires before you install it. Check the reviews. Only install extensions you really need, and removed those which you haven't used in a while. Extensions are able to see, log or modify anything you do in the browser, and some innocent looking browser apps, have malitious intentions.
|
||||
**Always keep your browser up-to-date** | Recommended | Browser vulnerabilities are constantly being discovered and patched, so it’s important to keep it up to date, to avoid a zero-day exploit. You can [see which browser version your using here](https://www.whatismybrowser.com/), or follow [this guide](https://www.whatismybrowser.com/guides/how-to-update-your-browser/) for instructions on how to update.
|
||||
**Use a private search engine** | Optional | Google tracks, logs and stores everything you do, but also displays biased results. Take a look at [DuckDuckGo](https://duckduckgo.com) or [StartPage](https://www.startpage.com). Neither store cookies or cache anything. [Read more](https://hackernoon.com/data-privacy-concerns-with-google-b946f2b7afea) about Google Search Privacy.
|
||||
**Consider a privacy browser** | Optional | Google openly collects usage data on Chrome usage. There are several privacy browsers out there which minimise the amount of data collected. The most popular of which is [Brave Browser](https://brave.com), or [Firefox](https://www.mozilla.org/en-GB/firefox/new/). Others include [Bromite](https://www.bromite.org/), [Epic Browser](https://www.epicbrowser.com/index.html) or [Comodo](https://www.comodo.com/home/browsers-toolbars/browser.php). The most secure option is [Tor Browser](https://www.torproject.org/).
|
||||
**Consider a privacy browser** | Optional | Google openly collects usage data on Chrome usage, as does Apple and Microsoft. Switching to a privacy browser will minimise data background data collection, cross-origin cookies and third-party scrips. A popular option is [Brave Browser](https://brave.com/?ref=ali721), or [Firefox](https://www.mozilla.org/en-GB/firefox/new/) with a [few tweeks](https://restoreprivacy.com/firefox-privacy). Others include [Bromite](https://www.bromite.org/), [Epic Browser](https://www.epicbrowser.com/index.html) or [Comodo](https://www.comodo.com/home/browsers-toolbars/browser.php), [see more](https://github.com/Lissy93/personal-security-checklist/blob/master/6_Privacy_Respecting_Software.md#browsers). The most secure option is [Tor Browser](https://www.torproject.org/).
|
||||
**Use DNS-over-HTTPS** | Optional | Traditional DNS makes requests in plain text for everyone to see, it allows for eavesdropping and manipulation of DNS data by man-in-the-middle attacks. Whereas [DNS-over-HTTPS](https://en.wikipedia.org/wiki/DNS_over_HTTPS) performs DNS resolution via the HTTPS protocol, meaning data between the you and your DNS resolver is encrypted. You can follow [this guide to enable in Firefox](https://support.mozilla.org/en-US/kb/firefox-dns-over-https), for see [CoudFlares 1.1.1.1 Docs](https://1.1.1.1/help).
|
||||
**Disable WebRTC** | Optional | [WebRTC](https://webrtc.org/) allows high-quality audio/ video communication and peer-to-peer file-sharing straight from the browser. However it can pose as a privacy leak, especially if you are using a proxy or VPN. In FireFox WebRTC can be disabled, by searching for, and disabling `media.peerconnection.enabled` in the settings. For other browsers, the [WebRTC-Leak-Prevent](ttps://github.com/aghorler/WebRTC-Leak-Prevent) extension can be installed. [uBlockOrigin](https://github.com/gorhill/uBlock) also allows WebRTC to be disabled. To learn more, [check out this guide](https://buffered.com/privacy-security/how-to-disable-webrtc-in-various-browsers/).
|
||||
**Don't Connect to Open WiFi networks** | Optional | Browing the internet while using public or open WiFi may leave you vulnrable to man-in-the-middle attacks, malware distribution or snooping and sniffing. Some hotspots may also be unencrypted, or even malicious. If you do need to briefly use a public WiFi network, ensure you disable file sharing, only visit HTTPS websites and use a VPN. Also remove the network from your saved WiFi list after. See the [networking](#networking) section for more details.
|
||||
@ -107,7 +107,8 @@ It's strongly advised not to use non-encrypted email, but if you follow these gu
|
||||
**Disable automatic loading of remote content in emails** | Recommended | Sometimes advertisers send emails which make reference to remote images, fonts, etc. If these remote resources are loaded automatically, they indicate to the sender that this specific email was received by you
|
||||
**Don’t share sensitive information over email** | Optional | Emails are very very easily intercepted. Also you can’t know how secure your recipients environment is. Don’t share anything personal, such as bank details, passwords, confidential information over email. Ideally, don’t use email as a primary method of communication.
|
||||
**Don’t connect third-party apps to your email account** | Optional | If you give a third-party app (like Unroll.me) full access to your inbox, this makes you vulnerable to cyber attacks. The app can be compromised and, as a consequence, cyber criminals would gain unhindered access to all your emails and their contents.
|
||||
**Consider switching to a more secure email provider** | Optional | Email providers such as [ProtonMail](https://protonmail.com), [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com) (for business users) or [MailFence](https://mailfence.com) allow for end-to-end encryption, full privacy as well as more security-focused features. See [this guide](https://github.com/OpenTechFund/secure-email) for a details of the inner workings of these services.
|
||||
**Consider switching to a more secure email provider** | Optional | Email providers such as [ProtonMail](https://protonmail.com), [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com/tapfiliate/?tap_a=44784-d2adc0&tap_s=724845-260ce4&program=hushmail-for-small-business) (for business users) or [MailFence](https://mailfence.com?src=digitald) allow for end-to-end encryption, full privacy as well as more security-focused features. See [this guide](https://github.com/OpenTechFund/secure-email) for a details of the inner workings of these services.
|
||||
**Use Aliasing to keep your real email private** | Advanced | Email aliasing allows you to put anything before the `@` of your email domain, and have all mail land in you main email inbox. This means you can use a different email addresses for each account you sign up for, and if one company leaks your address you can see exactley who did it and block that allias in 1 click. [33Mail](http://33mail.com/Dg0gkEA) is a free service which lets you do just this, you can also use your own domain name if you have one. Alternatiley you could configure your own self-hosted system, or if you have ProtonMail Visionary you can enable this feature.
|
||||
|
||||
**See also** [Recommended Encrypted Email Providers](https://github.com/Lissy93/personal-security-checklist/blob/master/6_Privacy_Respecting_Software.md#encrypted-email)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user