Difference between revisions of "Security Practices"
Rajasekhar (talk | contribs) Tag: visualeditor-switched |
Rajasekhar (talk | contribs) m (→Introduction) Tag: visualeditor-switched |
||
| Line 3: | Line 3: | ||
By design, proprietary software is unsecure as the code is not open to the public. We strongly promote GNU/Linux operating system distributions which are more secure as the software is collectively developed with code open to the public. | By design, proprietary software is unsecure as the code is not open to the public. We strongly promote GNU/Linux operating system distributions which are more secure as the software is collectively developed with code open to the public. | ||
* [https://www.gnu.org/proprietary/proprietary.en.html Proprietary software is often malware] | |||
== Operating System == | == Operating System == | ||
Revision as of 08:28, 21 February 2021
Introduction
By default, the culture of the free software movement advocates proper security practices. There are certain tools and practices which help people to ensure such use cases in their daily life. Below are different paradigms of security practices.
By design, proprietary software is unsecure as the code is not open to the public. We strongly promote GNU/Linux operating system distributions which are more secure as the software is collectively developed with code open to the public.
Operating System
Debian GNU/Linux Operating system - This OS an outcome of a collective ecosystem where people around the world package applications in a massive scale. We strongly recommend using this OS in the personal computers.
Password Managers - Passwords are easily crackable with bruteforce mechanisms. We recommend to use strong Passphrases. Also, use free software password managers like Bitwarden, Keepassxc etc.
2-Factor Authentication (2FA)- For all types authentication, we recommend to set up use 2FA. Use free software OTP services like FreeOTP.
De-googlyfying Smartphones
Encrypted Communication
In the view of mass surveillance there's only one question, how do we send confidential data over the web. To answer this question, most of the communications happens via chat platforms and emails. Big tech companies like Google and Facebook are mass surveillance engines, there is no way that they can respect the user's privacy as they commodify data by selling to advertise agencies. Thus, as a community we need to enable the encrypted communication.
Signal is the encrypted chat platform. Starting from chats to calls both video and audio are encrypted by default.
When we look at email encryption, use free software mail clients like thunderbird (PCs), k9-mail (smartphones) etc. Next, we need to build the trust on the web with Public Key Infrastructure (PKI). In order to do so, use tools like OpenPGP. ~ https://wiki.debian.org/Keysigning