# Attributions ## Sponsors 💖
koconder
Vincent Koc
peng1can
Peng1can
tbjers
Torgny Bjers
emlazzarin
Eddy Lazzarin
AnandChowdhary
Anand Chowdhary
shrippen
Shrippen
davidpaulyoung
David Young
bile0026
Zach Biles
UlisesGascon
Ulises Gascón
digitalarche
Digital Archeology
bmcgonag
Brian McGonagill
vlad-timofeev
Vlad Timofeev
helixzz
HeliXZz
forwardemail
Forward Email - Open-source & Privacy-focused Email Service (2023)
Bastii717
Bastii717
ratty222
Brent
Glydeon
Byron
NixyJuppie
Nixy
## Contributors 🙌 Thanks goes to these wonderful people
Lissy93
Alicia Sykes
liss-bot
Alicia Bot
matkoniecz
Mateusz Konieczny
lucadidomenico
Luca Di Domenico
gitetsu
Gitetsu
aarontorres0
Aaron
0xnbk
Nbk
alxndrv
Andrey Aleksandrov
hypogram
Hypogram
b3pio
₿ӠⱣłØ
rusty-snake
Rusty-snake
marjamis
Marjamis
ansuz
Ansuz
zacharyraber
Zachary Raber
sirodoht
Theodore Keloglou
ilesinge
Alexandre G.-Raymond
ba32107
Balazs Gyurak
dmbaturin
Daniil Baturin
mwleeds
Phaedrus Leeds
pndyjack
Pndyjack
kdenhartog
Kyle Den Hartog
lukecarr
Luke Carr
lordpansar
Magnus Sundström
mschwrdtnr
Max S.
nickali
Nick Ali
Oymate
Oymate
pdelfino
Pedro Delfino
sjamaan
Peter Bex
yaxollum
Peter Ye
rorymbyrne
Rory Byrne
Silvhr
Silvhr
spikecodes
Spike
ThomasRettig
Thomas Rettig
tim-v3
Tim Weber
zeusalmighty717
Zeus Almighty
apraile
Apraile
elesiuta
Eric Lesiuta
fireneat
Fireneat
ignoramous
Ignoramous
kevodwyer
Kevodwyer
notthewave
Notthewave
ogoregen
Oğuzhan
omahs
Omahs
pabloscloud
Pabloscloud
partoneoftwo
Partoneoftwo
pipboy96
Pipboy96
theblackmallard
Theblackmallard
titanism
Titanism
0x192
W1nst0n
101lols
101lols
boushley
Aaron Boushley
Adv4n6
Adv4n6
ndsvw
Alexander L.
andydonzelli
Andy Donzelli
austinhuang0131
Austin Huang
ben-thul
Ben Thul
BBlackwo
Benjamin B
BrunoBernardino
Bruno Bernardino
chemmi
Christian Hemminghaus
DaShoe
DaShoe
danielgtaylor
Daniel G. Taylor
dim1119
Dimitris Lazarakis
VoDmAl
Dmitry Vorobyev
federicoviceconti
Federico
0x5FE
0x5FE
fkohrt
Florian Kohrt
freddy-m
Freddy
hw4n
Hwanhee Chae
jneplokh
Jacob Neplokh
gongjason
Jason G
mxygem
Gemini Smith
monkeywithacupcake
Jess
openjck
John Karahalis
edelbluth
Juergen Edelbluth
fetzu
Julien
seclution
Kai Biebel
koirand
Kazuki Koide
Kotbenek
Dominik Piątkowski
leon-costa
Leon Costa
## Stargazers 🌟 [![Recent Star Gazers](https://reporoster.com/stars/dark/Lissy93/personal-security-checklist)](https://github.com/Lissy93/personal-security-checklist/stargazers) [![Recent Forkers](https://reporoster.com/forks/dark/lissy93/personal-security-checklist)](https://github.com/lissy93/personal-security-checklist/network/members) ## Special Thanks 🤗 Special Thanks to [Stefan Keim](https://github.com/indus) and [Matt (IPv4) Cowley](https://github.com/MattIPv4) from [JS.org](https://js.org), for providing the domain used for our GitHub Page ([security-list.js.org](https://security-list.js.org)). And of course, and huge thank you to the awesome developers behind the projects listed in the [Privacy-Respecting Software list](/5_Privacy_Respecting_Software.md). The effort, time and love they've put into each one of those applications is immediately apparent, they've done an amazing job 💞 ## You? 👈 Want to get involved? You can support the continued development of this project by submitting a PR, sponsoring us on GitHub, sharing this repo with your network or staring the repository. [Contributions](/CONTRIBUTING.md) of any kind are very welcome! #### Submit an Improvement [![Submit a PR](https://img.shields.io/badge/Submit_a_PR-GitHub-%23060606?style=for-the-badge&logo=github&logoColor=fff)](https://github.com/Lissy93/dashy/compare) #### Sponsor the Project [![Sponsor Lissy93 on GitHub](https://img.shields.io/badge/Sponsor_on_GitHub-Lissy93-%23ff4dda?style=for-the-badge&logo=githubsponsors&logoColor=ff4dda)](https://github.com/sponsors/Lissy93) #### Share with your Network [![Share on Twitter](https://img.shields.io/badge/Share-Twitter-17a2f3?style=for-the-badge&logo=Twitter)](http://twitter.com/share?text=Check%20out%20the%20Personal%20Cyber%20Security%20Checklist-%20an%20ultimate%20list%20of%20tips%20for%20protecting%20your%20digital%20security%20and%20privacy%20in%202020%2C%20with%20%40Lissy_Sykes%20%F0%9F%94%90%20%20%F0%9F%9A%80&url=https://github.com/Lissy93/personal-security-checklist) [![Share on LinkedIn](https://img.shields.io/badge/Share-LinkedIn-0077b5?style=for-the-badge&logo=LinkedIn)](http://www.linkedin.com/shareArticle?mini=true&url=https://github.com/Lissy93/personal-security-checklist&title=The%20Ultimate%20Personal%20Cyber%20Security%20Checklist&summary=%F0%9F%94%92%20A%20curated%20list%20of%20100%2B%20tips%20for%20protecting%20digital%20security%20and%20privacy%20in%202020&source=https://github.com/Lissy93) [![Share on Mastodon](https://img.shields.io/badge/Share-Mastodon-56a7e1?style=for-the-badge&logo=Mastodon)](https://mastodon.social/web/statuses/new?text=Check%20out%20the%20Ultimate%20Personal%20Cyber%20Security%20Checklist%20by%20%40Lissy93%20on%20%23GitHub%20%20%F0%9F%94%90%20%E2%9C%A8) ## References 📝
"2019 Data Breach Investigations Report - EMEA", Verizon Enterprise Solutions, 2020. [Online]. Available: https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report-emea.pdf. [Accessed: 25- Apr - 2020] "Web Browser Privacy: What Do Browsers Say When They Phone Home?", Feb 2020. [Online]. Available: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf. [Accessed: 27- Apr - 2020] "Comments on the Competition and Markets Authority’s interim report on online platforms and digital advertising", Privacyinternational.org, Jan 2020. [Online]. Available: https://privacyinternational.org/sites/default/files/2020-04/20.02.12_CMA_PI_Comments_Interim_Report_FINAL.pdf. [Accessed: 02- Ma - 2020] "Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design", 1998. [Online]. Available: https://dl.packetstormsecurity.net/cracked/des/cracking-des.htm. [Accessed: 25- Apr - 2020] "Digital Identity Guidelines", 2020. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf. [Accessed: 25- Apr - 2020] "DNS Security - Getting it Right", Open Rights Group, 2020. [Online]. Available: https://www.openrightsgroup.org/about/reports/dns-security-getting-it-right. [Accessed: 25- Apr - 2020] "DNS-over-HTTPS performance | SamKnows", Samknows.com, 2020. [Online]. Available: https://www.samknows.com/blog/dns-over-https-performance. [Accessed: 25- Apr - 2020] J. Eckenrode and S. Friedman, "The state of cybersecurity at financial institutions", 2018. [Online]. Available: https://www2.deloitte.com/us/en/insights/industry/financial-services/state-of-cybersecurity-at-financial-institutions.html. [Accessed: 25- Apr - 2020] E. Foundation, "Cracking DES", Shop.oreilly.com, 1998. [Online]. Available: http://shop.oreilly.com/product/9781565925205.do. [Accessed: 25- Apr - 2020] "Google data collection, research and findings", Digital Content Next, 2020. [Online]. Available: https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/. [Accessed: 25- Apr - 2020] S. Lekies, B. Stock, M. Wentzel and M. Johns, "The Unexpected Dangers of Dynamic JavaScript", UseNix & SAP, 2020. [Online]. Available: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-lekies.pdf. [Accessed: 25- Apr - 2020] "Privacy concerns with social networking services", 2020. [Online]. Available: https://en.wikipedia.org/wiki/Privacy_concerns_with_social_networking_services. [Accessed: 25- Apr - 2020] D. Tian, G. Hernandez, J. Choi, V. Frost, C. Ruales, P. Traynor, H. Vijayakumar, L. Harrison, A. Rahmati, M. Grace and K. Butler, "Vulnerability Analysis of AT Commands Within the Android Ecosystem", Cise.ufl.edu, 2020. [Online]. Available: https://www.cise.ufl.edu/~butler/pubs/usenix18-atcmd.pdf. [Accessed: 25- Apr - 2020] S. Topuzov, "Phone hacking through SS7 is frighteningly easy and effective", Blog.securegroup.com, 2020. [Online]. Available: https://blog.securegroup.com/phone-hacking-through-ss7-is-frighteningly-easy-and-effective. [Accessed: 25- Apr - 2020] J. Heidemann, Y. Pradkin, R. Govindan, C. Papadopoulos and J. Bannister, "Exploring Visible Internet Hosts through Census and Survey", Isi.edu, 2020. [Online]. Available: https://www.isi.edu/~johnh/PAPERS/Heidemann07c.pdf. [Accessed: 10- Ma - 2020] Michalevsky, Y., Boneh, D. and Nakibly, G., 2014. Recognizing Speech From Gyroscope Signals. [online] Usenix.org. Available at: [Accessed 26 May 2020]. Favaretto, M., Clercq, E. and Simone Elger, B., 2019. Big Data And Discrimination: Perils, Promises And Solutions. A Systematic Review. [online] springeropen. Available at: [Accessed 26 May 2020]. Web Browser Privacy: What Do Browsers Say When They Phone Home?, n.d. https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf. A Comprehensive Evaluation of Third-Party Cookie Policies, n.d. https://wholeftopenthecookiejar.com/static/tpc-paper.pdf. A Study of Scripts Accessing Smartphone Sensors, n.d. https://sensor-js.xyz/webs-sixth-sense-ccs18.pdf. Acar, Abbas, Wenyi Liu, Raheem Beyah, Kemal Akkaya, and Arif Selcuk Uluagac. “A Privacy‐Preserving Multifactor Authentication System.” Security and Privacy 2, no. 6 (2019). https://doi.org/10.1002/spy2.94. Afzal, Waseem. “Rethinking Information Privacy-Security: Does It Really Matter?” Proceedings of the American Society for Information Science and Technology 50, no. 1 (2013): 1–10. https://doi.org/10.1002/meet.14505001095. Battery Status Not Included, Assessing Privacy in Web Standards, n.d. https://www.cs.princeton.edu/~arvindn/publications/battery-status-case-study.pdf. Christl, Wolfie. Corporate Surveillance in Everyday Life, How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions, n.d. https://crackedlabs.org/dl/CrackedLabs_Christl_CorporateSurveillance.pdf. Das, Anupam, Gunes Acar, Nikita Borisov, and Amogh Pradeep. “The Webs Sixth Sense.” Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018. https://doi.org/10.1145/3243734.3243860. Englehardt, Steven, Dillon Reisman, Christian Eubank, Peter Zimmerman, Jonathan Mayer, Arvind Narayanan, and Edward W. Felten. “Cookies That Give You Away.” Proceedings of the 24th International Conference on World Wide Web - WWW 15, 2015. https://doi.org/10.1145/2736277.2741679. Englehardt, Steven, Jeffrey Han, and Arvind Narayanan. “I Never Signed up for This! Privacy Implications of Email Tracking.” Proceedings on Privacy Enhancing Technologies 2018, no. 1 (January 2018): 109–26. https://doi.org/10.1515/popets-2018-0006. Ferra, Fenia, Isabel Wagner, Eerke Boiten, Lee Hadlington, Ismini Psychoula, and Richard Snape. “Challenges in Assessing Privacy Impact: Tales from the Front Lines.” Security and Privacy 3, no. 2 (2019). https://doi.org/10.1002/spy2.101. hmathur, arunes. Characterizing the Use of Browser-Based Blocking Extensions To Prevent Online Tracking, n.d. http://aruneshmathur.co.in/files/publications/SOUPS18_Tracking.pdf. Lebeck, Kiron, Kimberly Ruth, Tadayoshi Kohno, and Franziska Roesner. “Towards Security and Privacy for Multi-User Augmented Reality: Foundations with End Users.” 2018 IEEE Symposium on Security and Privacy (SP), 2018. https://doi.org/10.1109/sp.2018.00051. Location Tracking using Mobile Device Power Analysis, n.d. https://www.scribd.com/doc/256304846/PowerSpy-Location-Tracking-using-Mobile-Device-Power-Analysis. Online Tracking, A 1-million-site Measurement and Analysis, n.d. https://www.cs.princeton.edu/~arvindn/publications/OpenWPM_1_million_site_tracking_measurement.pdf. Pixel Perfect, Fingerprinting Canvas in HTML5, n.d. https://hovav.net/ucsd/dist/canvas.pdf. Recognizing Speech From Gyroscope Signals, n.d. https://crypto.stanford.edu/gyrophone/. Roesner, Franziska. Detecting and Defending Against Third-Party Tracking on the Web, n.d. http://www.franziroesner.com/pdf/webtracking-NSDI2012.pdf. Schneider, Christian. Cross-Site WebSocket Hijacking, n.d. http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html. Seb, Crypto. Crypto Paper: Privacy, Security, and Anonymity For Every Internet User, n.d. https://github.com/cryptoseb/cryptopaper. Shining the Floodlights on Mobile Web Tracking — A Privacy Survey, n.d. https://pdfs.semanticscholar.org/80bb/5c9119ff4fc2374103b4f3d6a8f614b3c2ed.pdf. Su, Jessica, Ansh Shukla, Sharad Goel, and Arvind Narayanan. “De-Anonymizing Web Browsing Data with Social Networks.” Proceedings of the 26th International Conference on World Wide Web, March 2017. https://doi.org/10.1145/3038912.3052714. The Surveillance Implications of Web Tracking, n.d. https://senglehardt.com/papers/www15_cookie_surveil.pdf. Trackers Vs Firefox, Comparing different blocking utilities, n.d. https://github.com/jawz101/TrackersVsFirefox. Understanding Facebook Connect login permissions, n.d. http://jbonneau.com/doc/RB14-fb_permissions.pdf. Vines, Paul, Franziska Roesner, and Tadayoshi Kohno. “Exploring ADINT.” Proceedings of the 2017 on Workshop on Privacy in the Electronic Society - WPES 17, 2017. https://doi.org/10.1145/3139550.3139567. Yelp, Luca Wu. Is Google degrading search? Consumer Harm from Universal Search, n.d. https://www.law.berkeley.edu/wp-content/uploads/2015/04/Luca-Wu-Yelp-Is-Google-Degrading-Search-2015.pdf.
**Above References apply to the Content in the Following Files**:
[TLDR](/2_TLDR_Short_List.md) | [Intro](/0_Why_It_Matters.md) | [The Personal Security Checklist](/README.md) | [Privacy-Respecting Software](/5_Privacy_Respecting_Software.md) | [Security Hardware](/6_Privacy_and-Security_Gadgets.md) | [Further Links](/4_Privacy_And_Security_Links.md) --- Licensed under [Creative Commons, CC BY 4.0](/LICENSE.md), © [Alicia Sykes](https://aliciasykes.com) 2022