personal-security-checklist/ATTRIBUTIONS.md

165 lines
13 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## Contributors 🙌
Thanks goes to these wonderful people
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<table>
<tr>
<td align="center"><a href="https://gitlab.com/W1nst0n"><img src="https://avatars3.githubusercontent.com/u/55300518?v=4" width="90px;" alt=""/><br /><sub><b>0x192</b></sub></a><br /><a href="#security-0x192" title="Security">🛡️</a></td>
<td align="center"><a href="https://keybase.io/pipboy96"><img src="https://avatars1.githubusercontent.com/u/46632672?v=4" width="90px;" alt=""/><br /><sub><b>pipboy96</b></sub></a><br /><a href="#security-pipboy96" title="Security">🛡️</a></td>
<td align="center"><a href="https://aliciasykes.com"><img src="https://avatars1.githubusercontent.com/u/1862727?v=4" width="90px;" alt=""/><br /><sub><b>Alicia Sykes</b></sub></a><br /><a href="#security-Lissy93" title="Security">🛡️</a></td>
<td align="center"><a href="https://twitter.com/mwleeds"><img src="https://avatars2.githubusercontent.com/u/7833263?v=4" width="90px;" alt=""/><br /><sub><b>Matthew Leeds</b></sub></a><br /><a href="#security-mwleeds" title="Security">🛡️</a></td>
<td align="center"><a href="http://jaiminpandya.com"><img src="https://avatars0.githubusercontent.com/u/20967911?v=4" width="90px;" alt=""/><br /><sub><b>Jaimin Pandya</b></sub></a><br /><a href="#security-pndyjack" title="Security">🛡️</a></td>
<td align="center"><a href="https://twitter.com/ilesinge"><img src="https://avatars3.githubusercontent.com/u/501674?v=4" width="90px;" alt=""/><br /><sub><b>Alexandre G.-Raymond</b></sub></a><br /><a href="#security-ilesinge" title="Security">🛡️</a></td>
<td align="center"><a href="https://github.com/guestx86"><img src="https://avatars2.githubusercontent.com/u/56132403?v=4" width="90px;" alt=""/><br /><sub><b>guestx86</b></sub></a><br /><a href="#security-guestx86" title="Security">🛡️</a></td>
</tr>
<tr>
<td align="center"><a href="https://www.baturin.org"><img src="https://avatars0.githubusercontent.com/u/482212?v=4" width="90px;" alt=""/><br /><sub><b>Daniil Baturin</b></sub></a><br /><a href="#security-dmbaturin" title="Security">🛡️</a></td>
<td align="center"><a href="https://transitiontech.ca"><img src="https://avatars2.githubusercontent.com/u/1264398?v=4" width="90px;" alt=""/><br /><sub><b>ansuz</b></sub></a><br /><a href="#security-ansuz" title="Security">🛡️</a></td>
<td align="center"><a href="https://github.com/8264"><img src="https://avatars0.githubusercontent.com/u/23311938?v=4" width="90px;" alt=""/><br /><sub><b>8264</b></sub></a><br /><a href="#security-8264" title="Security">🛡️</a></td>
<td align="center"><a href="https://github.com/101lols"><img src="https://avatars1.githubusercontent.com/u/29000894?v=4" width="90px;" alt=""/><br /><sub><b>101lols</b></sub></a><br /><a href="#security-101lols" title="Security">🛡️</a></td>
</tr>
</table>
<!-- markdownlint-enable -->
<!-- prettier-ignore-end -->
<!-- ALL-CONTRIBUTORS-LIST:END -->
<!-- To add yourself to the table, copy the row above and replace with your details. Max 7 <td> (columns) per <tr> (row). -->
*This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification.*
[Contributions](/CONTRIBUTING.md) of any kind welcome!
Special Thanks to [Stefan Keim](https://github.com/indus) and [Matt (IPv4) Cowley](https://github.com/MattIPv4) from [JS.org](https://js.org), for providing the domain used for our GitHub Page ([security-list.js.org](https://security-list.js.org)).
And of course, and huge thank you to the awesome developers behind the projects listed in the [Privacy-Respecting Software list](/5_Privacy_Respecting_Software.md). The effort, time and love they've put into each one of those applications is immediately apparent, they've done an amazing job 💞
## References 📝
<blockquote>
"2019 Data Breach Investigations Report - EMEA", Verizon Enterprise Solutions, 2020. [Online]. Available: https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report-emea.pdf. [Accessed: 25- Apr- 2020]
"Web Browser Privacy: What Do Browsers Say When They Phone Home?", Feb 2020. [Online].
Available: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf. [Accessed: 27- Apr- 2020]
"Comments on the Competition and Markets Authoritys interim report on online platforms and digital advertising", Privacyinternational.org, Jan 2020. [Online].
Available: https://privacyinternational.org/sites/default/files/2020-04/20.02.12_CMA_PI_Comments_Interim_Report_FINAL.pdf. [Accessed: 02- May- 2020]
"Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design", 1998. [Online].
Available: https://dl.packetstormsecurity.net/cracked/des/cracking-des.htm. [Accessed: 25- Apr- 2020]
"Digital Identity Guidelines", 2020. [Online].
Available: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf. [Accessed: 25- Apr- 2020]
"DNS Security - Getting it Right", Open Rights Group, 2020. [Online].
Available: https://www.openrightsgroup.org/about/reports/dns-security-getting-it-right. [Accessed: 25- Apr- 2020]
"DNS-over-HTTPS performance | SamKnows", Samknows.com, 2020. [Online].
Available: https://www.samknows.com/blog/dns-over-https-performance. [Accessed: 25- Apr- 2020]
J. Eckenrode and S. Friedman, "The state of cybersecurity at financial institutions", 2018. [Online].
Available: https://www2.deloitte.com/us/en/insights/industry/financial-services/state-of-cybersecurity-at-financial-institutions.html. [Accessed: 25- Apr- 2020]
E. Foundation, "Cracking DES", Shop.oreilly.com, 1998. [Online].
Available: http://shop.oreilly.com/product/9781565925205.do. [Accessed: 25- Apr- 2020]
"Google data collection, research and findings", Digital Content Next, 2020. [Online].
Available: https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/. [Accessed: 25- Apr- 2020]
S. Lekies, B. Stock, M. Wentzel and M. Johns, "The Unexpected Dangers of Dynamic JavaScript", UseNix & SAP, 2020. [Online]. Available: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-lekies.pdf. [Accessed: 25- Apr- 2020]
"Privacy concerns with social networking services", 2020. [Online]. Available: https://en.wikipedia.org/wiki/Privacy_concerns_with_social_networking_services. [Accessed: 25- Apr- 2020]
D. Tian, G. Hernandez, J. Choi, V. Frost, C. Ruales, P. Traynor, H. Vijayakumar, L. Harrison, A. Rahmati, M. Grace and K. Butler, "Vulnerability Analysis of AT Commands Within the Android Ecosystem", Cise.ufl.edu, 2020. [Online].
Available: https://www.cise.ufl.edu/~butler/pubs/usenix18-atcmd.pdf. [Accessed: 25- Apr- 2020]
S. Topuzov, "Phone hacking through SS7 is frighteningly easy and effective", Blog.securegroup.com, 2020. [Online].
Available: https://blog.securegroup.com/phone-hacking-through-ss7-is-frighteningly-easy-and-effective. [Accessed: 25- Apr- 2020]
J. Heidemann, Y. Pradkin, R. Govindan, C. Papadopoulos and J. Bannister, "Exploring Visible Internet Hosts through Census and Survey", Isi.edu, 2020. [Online].
Available: https://www.isi.edu/~johnh/PAPERS/Heidemann07c.pdf. [Accessed: 10- May- 2020]
Michalevsky, Y., Boneh, D. and Nakibly, G., 2014. Recognizing Speech From Gyroscope Signals. [online] Usenix.org. Available at: <https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-michalevsky.pdf> [Accessed 26 May 2020].
Favaretto, M., Clercq, E. and Simone Elger, B., 2019. Big Data And Discrimination: Perils, Promises And Solutions. A Systematic Review. [online] springeropen. Available at: <https://journalofbigdata.springeropen.com/articles/10.1186/s40537-019-0177-4> [Accessed 26 May 2020].
Web Browser Privacy: What Do Browsers Say When They Phone Home?, n.d. https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf.
A Comprehensive Evaluation of Third-Party Cookie Policies, n.d. https://wholeftopenthecookiejar.com/static/tpc-paper.pdf.
A Study of Scripts Accessing Smartphone Sensors, n.d. https://sensor-js.xyz/webs-sixth-sense-ccs18.pdf.
Acar, Abbas, Wenyi Liu, Raheem Beyah, Kemal Akkaya, and Arif Selcuk Uluagac. “A PrivacyPreserving Multifactor Authentication System.” Security and
Privacy 2, no. 6 (2019). https://doi.org/10.1002/spy2.94.
Afzal, Waseem. “Rethinking Information Privacy-Security: Does It Really Matter?” Proceedings of the American Society for Information Science and
Technology 50, no. 1 (2013): 110. https://doi.org/10.1002/meet.14505001095.
Battery Status Not Included, Assessing Privacy in Web Standards, n.d. https://www.cs.princeton.edu/~arvindn/publications/battery-status-case-study.pdf.
Christl, Wolfie. Corporate Surveillance in Everyday Life, How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions, n.d.
https://crackedlabs.org/dl/CrackedLabs_Christl_CorporateSurveillance.pdf.
Das, Anupam, Gunes Acar, Nikita Borisov, and Amogh Pradeep. “The Webs Sixth Sense.” Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018. https://doi.org/10.1145/3243734.3243860.
Englehardt, Steven, Dillon Reisman, Christian Eubank, Peter Zimmerman, Jonathan Mayer, Arvind Narayanan, and Edward W. Felten. “Cookies That Give You Away.” Proceedings of the 24th International Conference on World Wide Web - WWW 15, 2015. https://doi.org/10.1145/2736277.2741679.
Englehardt, Steven, Jeffrey Han, and Arvind Narayanan. “I Never Signed up for This! Privacy Implications of Email Tracking.” Proceedings on Privacy Enhancing Technologies 2018, no. 1 (January 2018): 10926. https://doi.org/10.1515/popets-2018-0006.
Ferra, Fenia, Isabel Wagner, Eerke Boiten, Lee Hadlington, Ismini Psychoula, and Richard Snape. “Challenges in Assessing Privacy Impact: Tales from the Front Lines.” Security and Privacy 3, no. 2 (2019). https://doi.org/10.1002/spy2.101.
hmathur, arunes. Characterizing the Use of Browser-Based Blocking Extensions To Prevent Online Tracking, n.d. http://aruneshmathur.co.in/files/publications/SOUPS18_Tracking.pdf.
Lebeck, Kiron, Kimberly Ruth, Tadayoshi Kohno, and Franziska Roesner. “Towards Security and Privacy for Multi-User Augmented Reality: Foundations with End Users.” 2018 IEEE Symposium on Security and Privacy (SP), 2018. https://doi.org/10.1109/sp.2018.00051.
Location Tracking using Mobile Device Power Analysis, n.d. https://www.scribd.com/doc/256304846/PowerSpy-Location-Tracking-using-Mobile-Device-Power-Analysis.
Online Tracking, A 1-million-site Measurement and Analysis, n.d. https://www.cs.princeton.edu/~arvindn/publications/OpenWPM_1_million_site_tracking_measurement.pdf.
Pixel Perfect, Fingerprinting Canvas in HTML5, n.d. https://hovav.net/ucsd/dist/canvas.pdf.
Recognizing Speech From Gyroscope Signals, n.d. https://crypto.stanford.edu/gyrophone/.
Roesner, Franziska. Detecting and Defending Against Third-Party Tracking on the Web, n.d. http://www.franziroesner.com/pdf/webtracking-NSDI2012.pdf.
Schneider, Christian. Cross-Site WebSocket Hijacking, n.d. http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html.
Seb, Crypto. Crypto Paper: Privacy, Security, and Anonymity For Every Internet User, n.d. https://github.com/cryptoseb/cryptopaper.
Shining the Floodlights on Mobile Web Tracking — A Privacy Survey, n.d. https://pdfs.semanticscholar.org/80bb/5c9119ff4fc2374103b4f3d6a8f614b3c2ed.pdf.
Su, Jessica, Ansh Shukla, Sharad Goel, and Arvind Narayanan. “De-Anonymizing Web Browsing Data with Social Networks.” Proceedings of the 26th International Conference on World Wide Web, March 2017. https://doi.org/10.1145/3038912.3052714.
The Surveillance Implications of Web Tracking, n.d. https://senglehardt.com/papers/www15_cookie_surveil.pdf.
Trackers Vs Firefox, Comparing different blocking utilities, n.d. https://github.com/jawz101/TrackersVsFirefox.
Understanding Facebook Connect login permissions, n.d. http://jbonneau.com/doc/RB14-fb_permissions.pdf.
Vines, Paul, Franziska Roesner, and Tadayoshi Kohno. “Exploring ADINT.” Proceedings of the 2017 on Workshop on Privacy in the Electronic Society - WPES 17, 2017. https://doi.org/10.1145/3139550.3139567.
Yelp, Luca Wu. Is Google degrading search? Consumer Harm from Universal Search, n.d. https://www.law.berkeley.edu/wp-content/uploads/2015/04/Luca-Wu-Yelp-Is-Google-Degrading-Search-2015.pdf.
</blockquote>
**Above References apply to the Content in the Following Files**:<br>
[TLDR](/2_TLDR_Short_List.md) | [Intro](/0_Why_It_Matters.md) | [The Personal Security Checklist](/README.md) | [Privacy-Respecting Software](/5_Privacy_Respecting_Software.md) | [Security Hardware](/6_Privacy_and-Security_Gadgets.md) | [Further Links](/4_Privacy_And_Security_Links.md)
## Stars 🌟
[![Stargazers over time](https://starchart.cc/Lissy93/personal-security-checklist.svg)](https://star-history.t9t.io/#Lissy93/personal-security-checklist)
Thank you [@caarlos0](https://github.com/caarlos0) for the above [Star Chart](https://github.com/caarlos0/starcharts) ☺️
---
Licensed under [Creative Commons, CC BY 4.0](/LICENSE.md), © [Alicia Sykes](https://aliciasykes.com) 2020