Your Guide to a Secure ‘17
Cyber attacks are becoming ever-more powerful and common. Governments are doing all in their power to arm and defend themselves against new age digital weapons. Things like ransomware, phishing, zero-days, and several other attack methods are becoming more complex with each passing second. As our lives become more digital and our identities migrate to the Internet, the responsibility to protect ourselves and others from harm greatly increases. The common citizen (or developer) is not safe.
So, how do you protect yourself? You’re probably not a security researcher (bless you if you are), and setting up VPNs, proxies, and Tor can be awfully painful, given the amount of time that you have. But, with the latest advances in technology and heightened awareness of digital threats, having a secure online presence has never been easier. The secure solutions that I’ll tell you about are free, open source, and easy to setup and use. And, we all love services with great UI/UX, so rest assured that these apps have just that!
Disclaimer: Downloading and/or using these apps will not grant you total privacy online. They will, however, do a great job in mitigating imminent cyber threats against you. Also, this post is not sponsored; I’m mentioning these services on my own terms.
Remember when everyone flipped out about the latest government surveillance scandal and all of these messaging apps tried to add end-to-end encryption? If you do, you’ve probably heard of Signal, a private and secure messaging app that’s been providing end-to-end encryption since its initial launch. It’s made by the great people at Open Whisper Systems and provides just about everything you need in a messaging app: A-to-B messaging, group messaging, voice calling, and even doodle/image messaging. Signal is the best secure alternative to apps like iMessage, Groupme, and Telegram, as it uses forward secrecy and advanced end-to-end encryption schemes. It lets you securely communicate with anyone who also has the app, and it provides a means of authenticating the person with whom you’re communicating by scanningvia QR code. To learn more about Signal, go here.
Mega is a product that not many people know about. They provide 50GB of encrypted storage for free! Keep in mind that Box gives 10GB of space for free, Dropbox only provides 2GB free, and Google only allows 15GB across all of your Google apps which, when you use Gmail and Drive, is little to nothing. Mega also lets you upload and download your content from your mobile device in addition to desktop, and making an account is free. There’s not much else to talk about, so if you want to check them out, go here.
Email is the oldest yet still most common attack vector among cyber attackers. PGP encryption added a layer of security, but it was never adopted by the common people. That means that there are millions of emails circulating about that are at risk of being intercepted by a malicious outside party. The solution to vulnerable email is Protonmail. For those of you that don’t know, Protonmail is an encrypted mail service with free storage, automatic PGP encryption, password-protected emails, and self-destructing messages. Plus, their servers are located in Switzerland, so the government cannot legally seize the machines. To learn more about Protonmail, go here.
You’re probably asking why Github is up here. Well, Git repositories (open source ones, too) make up a lot of today’s technical infrastructure, and a bad commit from a malicious party can destroy any important repository. To protect your projects, you can sign your commits with your own GPG signature to prevent anybody from impersonating you and your commits. You can also disable force pushing to your repos, which essentially makes sure that your projects aren’t ruined by someone trying to erase them. To learn more about commit signing, check this out. To learn about protecting branches from force pushing, go here.
All of the apps and services mentioned above will help make you a bit more secure online, but the best protection against cyber attacks is you. As long as you keep yourself educated on the latest online threats and have an idea how to mitigate these threats, almost nothing can harm you.
I hope that this list was helpful! If you think it was, be sure to like, recommend, and share. Thanks!