Security Practices

From FSMI WIKI
Revision as of 08:16, 21 February 2021 by Rajasekhar (talk | contribs) (Added syntax for headings)
Jump to navigation Jump to search

Introduction

By default, the culture of the free software movement advocates proper security practices. There are certain tools and practices which help people to ensure such use cases in their daily life. Below are different paradigms of security practices.

By design, proprietary software is unsecure as the code is not open to the public. We strongly promote GNU/Linux operating system distributions which are more secure as the software is collectively developed with code open to the public. ~ Proprietary software is often malware 

https://www.gnu.org/proprietary/proprietary.en.html

Operating System

Debian GNU/Linux Operating system - This OS an outcome of a collective ecosystem where people around the world package applications in a massive scale. We strongly recommend using this OS in the personal computers.

~Debian Wiki https://wiki.debian.org

Password Managers - Passwords are easily crackable with bruteforce mechanisms. We recommend to use strong Passphrases. Also, use free software password managers like Bitwarden (https://bitwarden.com), keepassxc- (https://keepassxc.org/) etc.

2-Factor Authentication (2FA)- For all types authentication, we recommend to set up use 2FA. Use free software OTP services like FreeOTP.

Encrypted Communication

In the view of mass surveillance there's only one question, how do we send confidential data over the web. To answer this question, most of the communications happens via chat platforms and emails. Big tech companies like Google and Facebook are mass surveillance engines, there is no way that they can respect the user's privacy as they commodify data by selling to advertise agencies. Thus, as a community we need to enable the encrypted communication.

Signal is the encrypted chat platform. Starting from chats to calls both video and audio are encrypted by default.

When we look at email encryption, use free software mail clients like thunderbird (PCs), k9-mail (smartphones) etc. Next, we need to build the trust on the web with Public Key Infrastructure (PKI). In order to do so, use tools like OpenPGP. ~ https://wiki.debian.org/Keysigning

Retrieved from "https://fsmi.wiki/index.php?title=Security_Practices&oldid=38"