gf4
/
personal-security-checklist
mirror of https://git.hackliberty.org/Awesome-Mirrors/personal-security-checklist
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

simplify, clarify emails and sensitive data 

using secure email provider and sending unencrypted  email will not help at all

personal info that is not confidential at all is not problematic, so "confidential or personal" is not necessary
pull/83/head
Mateusz Konieczny 2021-11-02 12:37:52 +01:00 committed by GitHub
parent 0f6bd7623a
commit 16c80ab4c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -141,7 +141,7 @@ The big companies providing "free" email service, don't have a good reputation f
**Disable Automatic Loading of Remote Content** | Recommended | Email messages can contain remote content such as images or stylesheets, often automatically loaded from the server. You should disable this, as it exposes your IP address and device information, and is often used for tracking. For more info, see [this article](https://www.theverge.com/2019/7/3/20680903/email-pixel-trackers-how-to-stop-images-automatic-download)
**Use Plaintext** | Optional | There are two main types of emails on the internet: plaintext and HTML. The former is strongly preferred for privacy & security as HTML messages often include identifiers in links and inline images, which can collext usage and personal data. There's also numerous risks of remote code execution targetting the HTML parser of your mail client, which can not be exploited if you are using plaintext. For more info, as well as setup instructions for your mail provider, see [UsePlaintext.email](https://useplaintext.email/).
**Dont connect third-party apps to your email account** | Optional | If you give a third-party app or plug-in (such as Unroll.me, Boomerang, SaneBox etc) full access to your inbox, they effectively have full unhindered access to all your emails and their contents, which poses [significant security and privacy risks](https://zeltser.com/risks-of-email-search-services/)
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you cant be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential or personal information, unless it is encrypted/ or both parties are using a secure mail provider
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you cant be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential information, unless it is encrypted.
**Consider Switching to a Secure Mail Provider** | Optional | Secure and reputable email providers such as [ProtonMail](https://protonmail.com) and [Tutanota](https://tutanota.com) allow for end-to-end encryption, full privacy as well as more security-focused features. Unlike typical email providers, your mailbox cannot be read by anyone but you, since all messages are encrypted. Providers such as Google, Microsoft and Yahoo scan messages for advertising, analytics and law enforcement purposes, but this poses a serious security threat
**Use Smart Key** | Advanced | OpenPGP also [does not support](https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection) Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. Therefore, you should take great care to keep your private keys safe. One method of doing so, is to use a USB Smart Key to sign or decrypt messages, allowing you to do so without your private key leaving the USB device. Devices which support this include [NitroKey](https://www.nitrokey.com/), [YubiKey 5](https://www.yubico.com/products/yubikey-5-overview/) (See [Yubico Neo](https://developers.yubico.com/ykneo-openpgp/)), [Smart Card](https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3) (See [guide](https://spin.atomicobject.com/2014/02/09/gnupg-openpgp-smartcard/)), [OnlyKey](https://onlykey.io/)
**Use Aliasing / Anonymous Forwarding** | Advanced | Email aliasing allows messages to be sent to [anything]@my-domain.com and still land in your primary inbox. Effectively allowing you to use a different, unique email address for each service you sign up for. This means if you start receiving spam, you can block that alias and determine which company leaked your email address. More importantly, you do not need to reveal your real email address to any company. <br>[Anonaddy](https://anonaddy.com) and [SimpleLogin](https://simplelogin.io/?slref=bridsqrgvrnavso) are open source anonymous email forwarding service allowing you to create unlimited email aliases, with a free plan