gf4
/
personal-security-checklist
mirror of https://git.hackliberty.org/Awesome-Mirrors/personal-security-checklist
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: Update/ remove broken hyperlinks (#220)

pull/221/head
Alicia Sykes 2023-03-04 20:34:54 +00:00
parent 853a3e3b94
commit 44e17264cb
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@ -259,7 +259,7 @@ This section covers how you connect your devices to the internet securely, inclu
- [DNS Providers](https://github.com/Lissy93/awesome-privacy#dns)
- [Firewalls](https://github.com/Lissy93/awesome-privacy#firewalls)
- [Network Analysis Tools](https://github.com/Lissy93/awesome-privacy#network-analysis)
- [Self-Hosted Network Security Tools](#self-hosted-network-security)
- [Self-Hosted Network Security Tools](https://github.com/Lissy93/awesome-privacy#self-hosted-network-security)
## Mobile Devices
@ -282,9 +282,9 @@ More of us are concerned about how [governments use collect and use our smart ph
**Keep app count to a minimum** | Recommended | Uninstall apps that you dont need or use regularly. As apps often run in the background, slowing your device down, but also collecting data.
**App Permissions** | Recommended | Dont grant apps permissions that they dont need. For Android, [Bouncer](https://play.google.com/store/apps/details?id=com.samruston.permission) is an app that allows you you to grant temporary/ 1-off permissions.
**Only install Apps from official source** | Recommended | Applications on Apple App Store and Google Play Store are scanned and cryptographically signed, making them less likely to be malicious. Avoid downloading .apk or .ipa files from unverified source, unless you know it is safe. Also check the reviews, and app info before downloading a new application.
**Be Careful of Phone Charging Threats** | Optional | [Juice Jacking](https://www.fcc.gov/juice-jacking-dangers-public-usb-charging-stations) is when hackers use public charging stations to install malware on your smartphone or tablet through a compromised USB port. You can mitigate this, either by using a power bank or AC wall charger, or by using a simple data blocker device (See [USB Condom](https://shop.syncstop.com/products/usb-condom?variant=35430087052) or [PortaPow Blocker](http://portablepowersupplies.co.uk/))
**Be Careful of Phone Charging Threats** | Optional | [Juice Jacking](https://www.fcc.gov/juice-jacking-dangers-public-usb-charging-stations) is when hackers use public charging stations to install malware on your smartphone or tablet through a compromised USB port. You can mitigate this, either by using a power bank or AC wall charger, or by using a simple data blocker device (See [PortaPow Blocker](http://portablepowersupplies.co.uk/))
**Set up a mobile carrier PIN** | Recommended | [SIM hijacking](https://securelist.com/large-scale-sim-swap-fraud/90353/) is when a hacker is able to get your mobile number transferred to their sim (often through social engineering your mobile carrier). This then allows them to receive 2FA SMS codes (enabling them to access your secure accounts, such as banking), reset passwords, or to pose as you. The easiest way to protect against this is to set up a PIN through your mobile provider, thus disallowing anyone without this PIN to make any changes to your account. This varies between cell providers, so consult your mobile carrier for setup instructions. Using a non-SMS based 2FA method will reduce the damage, [Read more](https://us.norton.com/internetsecurity-mobile-sim-swap-fraud.html) about the sim swap scam.
**Opt-out of Caller ID Listings** | Optional | When one of your friends or colleagues has your number in their contacts, and also has a caller ID app, then your Name, Phone Number and any other saved contact details will be uploaded. To keep your details private, you can unlist it here: [TrueCaller](https://www.truecaller.com/unlisting), [CallApp](https://callapp.com/how-to/unlist-phone-number), [SyncMe](https://sync.me/optout), [cia-app](https://cia-app.com/self-service/delist-number), [Hiya](https://hiyahelp.zendesk.com/hc/en-us/requests/new?ticket_form_id=824667). Note that it is possible to opt-out, even before your number has been added, and this will prevent your details being uploaded in the future.
**Opt-out of Caller ID Listings** | Optional | When one of your friends or colleagues has your number in their contacts, and also has a caller ID app, then your Name, Phone Number and any other saved contact details will be uploaded. To keep your details private, you can unlist it here: [TrueCaller](https://www.truecaller.com/unlisting), [CallApp](https://callapp.com/how-to/unlist-phone-number), [SyncMe](https://sync.me/optout), [Hiya](https://hiyahelp.zendesk.com/hc/en-us/requests/new?ticket_form_id=824667). Note that it is possible to opt-out, even before your number has been added, and this will prevent your details being uploaded in the future.
**Use Offline Maps** | Optional | One of potential for data leaks is your map app which has access to your precise location, e.g. Google Maps which collects plenty of private data. Consider using an offline maps app, such as [OsmAnd](https://osmand.net/) or [Organic Maps](https://organicmaps.app/)
**Opt-out of personalized ads** | Optional | In order for ads to be personalized, Google collects data about you, you can slightly reduce the amount they collect by opting-out of seeing personalized ads. See [this guide](https://www.androidguys.com/tips-tools/how-to-disable-personalized-ads-on-android/), for Android instructions.
**Erase after too many login attempts** | Optional | To protect against an attacker brute forcing your pin, if you lose your phone, set your device to erase after too many failed login attempts. See [this iPhone guide](https://www.howtogeek.com/264369/how-to-erase-your-ios-device-after-too-many-failed-passcode-attempts/). You can also do this via Find my Phone, but this increased security comes at a cost of decreased privacy.
@ -296,9 +296,9 @@ More of us are concerned about how [governments use collect and use our smart ph
**Avoid Custom Virtual Keyboards** | Optional | Android and iOS allow you to download and use third-party keyboard apps. These apps will be able to access everything that you type on your phone/ tablet: passwords, messages, search terms etc. It is recommended to stick with your devices stock keyboard. If you choose to use one of these apps, ensure it is reputable, block internet access (can be done with a [firewall app](https://github.com/Lissy93/awesome-privacy#firewalls)), don't grant it permissions it does not need, and turn off analytics or other invasive features in it's settings. [This article](https://zeltser.com/third-party-keyboards-security) by Lenny Zelster explains things further
**Restart Device Regularly** | Optional | Over the years there have vulnerabilities relating to memory exploits (such as [CVE-2015-6639](https://www.cvedetails.com/cve/CVE-2015-6639) + [CVE-2016-2431](https://www.cvedetails.com/cve/CVE-2016-2431)). Restarting your phone at least once a week will clear the app state cached in memory. A side benefit is that your device may run more smoothly after a restart.
**Avoid SMS** | Optional | SMS may be convenient, but it's [not particularly secure](https://www.fortherecordmag.com/archives/0315p25.shtml). It is susceptible to threats, such as interception, sim swapping (see [this article](https://www.forbes.com/sites/kateoflahertyuk/2020/01/21/the-surprising-truth-about-sms-security)), manipulation and malware (see [this article](https://www.securitynewspaper.com/2019/09/13/hack-any-mobile-phone-with-just-a-sms)). <br>SMS should not be used to receive 2FA codes, (as demonstrated in the video in [this article](https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin)), instead use an [authenticator app](https://github.com/Lissy93/awesome-privacy#2-factor-authentication). SMS should not be used for communication, instead use an [encrypted messaging app](https://github.com/Lissy93/awesome-privacy#encrypted-messaging), such as [Signal](https://signal.org)
**Keep your Number Private** | Optional | [MySudo](https://mysudo.com/) allows you to create and use virtual phone numbers for different people or groups. This is great for compartmentalisation. Alternativley, use a VOIP provider like [Google Voice](https://voice.google.com) or [Skype](https://www.skype.com/en/features/online-number/), or for temporary usage you can use a service like [iNumbr](https://www.inumbr.com). Where possible, avoid giving out your real phone number while creating accounts online.
**Keep your Number Private** | Optional | [MySudo](https://mysudo.com/) allows you to create and use virtual phone numbers for different people or groups. This is great for compartmentalisation. Alternativley, use a VOIP provider like [Google Voice](https://voice.google.com) or [Skype](https://www.skype.com/en/features/online-number/). Where possible, avoid giving out your real phone number while creating accounts online.
**Watch out for Stalkerware** | Optional | This is a malware that is installed directly onto your device by someone you know (partner, parent, boss etc.). It allows them to see your location, messages and other app data remotely. The app likely won't show up in your app draw, (but may visible in `Settings --> Applications --> View All`). Sometimes they can be disguised as a non-conspicuous app (such as a game, flashlight or calculator) which initially don't appear suspicious at all. Look out for unusual battery usage, network requests or high device temperature. If you suspect that stalkerware is on your device, the best way to get rid of it is through a factory reset. See [this guide](https://blog.malwarebytes.com/stalkerware/2019/10/how-to-protect-against-stalkerware-a-murky-but-dangerous-mobile-threat/) for more details
**Favor the Browser, over Dedicated App** | Optional | Where possible, consider using a secure browser to access sites, rather than installing dedicatd applications. Both Android and iOS applications often have invasive permissions, allowing them intimate access to sensitive data and your devices sensors and radios. But [the extent to what these apps can access](https://www.wired.com/story/app-permissions/) is often not clear, and even [zero-permission apps](https://www.leviathansecurity.com/blog/zero-permission-android-applications) can see more data than you think: accessing phone sensors, vendor ID's and determine which other apps you have installed. All this is enough to identity you. In some situations you can still use a service, without having to install an application, through accessing it via the browser, and this can help mitigate a lot of the issues cause by untrustworthy apps
**Favor the Browser, over Dedicated App** | Optional | Where possible, consider using a secure browser to access sites, rather than installing dedicatd applications. Both Android and iOS applications often have invasive permissions, allowing them intimate access to sensitive data and your devices sensors and radios. But [the extent to what these apps can access](https://www.wired.com/story/app-permissions/) is often not clear, and even [zero-permission apps](https://veelasha.org/pubs/c2012.pdf) can see more data than you think: accessing phone sensors, vendor ID's and determine which other apps you have installed. All this is enough to identity you. In some situations you can still use a service, without having to install an application, through accessing it via the browser, and this can help mitigate a lot of the issues cause by untrustworthy apps
**Consider running a custom ROM (Android)** | Advanced | For Android users, if your concerned about your device manufacturer collecting too much personal information, consider a privacy-focused custom ROM, such as [Lineage](https://lineageos.org) or [GrapheneOS](https://grapheneos.org) - [see more](https://github.com/Lissy93/awesome-privacy#mobile-operating-systems)
**Recommended Software**
@ -331,7 +331,7 @@ Although Windows and OS X are easy to use and convenient, they both are far from
**Physically Secure Device** | Optional | When working from a laptop think about using a [Kensington Lock](https://www.kensington.com/solutions/product-category/security/) to secure your device to a permanent fixture. To help protect against an opportunistic local attack, consider utilizing [port locks](https://lindy.com/en/technology/port-blockers/), to prevent or slow down an intruder from dropping a malicious payload onto your device. Ideally never leave your laptop or other devices unattended
**Don't Charge Devices from your PC** | Optional | Connecting your smart phone to a computer can be a security risk, it's possible for [a self-signed malicious app](https://www.pcworld.com/article/2465320/the-biggest-iphone-security-risk-could-be-connecting-one-to-a-computer.html) to be installed, without your knowledge. Also both iPhone or Android device have sync capabilities, which can lead to data being unintentionally shared. If you need to charge your device, consider using a [USB data-blocker](/6_Privacy_and-Security_Gadgets.md#usb-data-blockers).
**Randomize your hardware address on Wi-Fi** | Optional | A [MAC Address](https://en.wikipedia.org/wiki/MAC_address) is an identifier given to a device (specifically the Network Interface Controller), and is is one method used to identify, and track you across different WiFi networks. Some devices allow you to modify or randomize how this address appears. See how, on [Windows](https://support.microsoft.com/en-us/help/4027925/windows-how-and-why-to-use-random-hardware-addresses), [MacOS](https://poweruser.blog/how-to-spoof-the-wifi-mac-address-on-a-macbook-25e11594a932) and [Linux](https://itsfoss.com/change-mac-address-linux/). <br>You should also disallow you device from automatically connect to open Wi-Fi networks
**Use a Firewall** | Optional | A firewall is a program which monitors incoming and outgoing traffic, and allows you to blocks internet access for certain applications. This is useful to stop apps from collecting data, calling home, or downloading unnecessary content- correctly configured, firewalls can help protect against remote access attacks, as well as protect your privacy. <br>Your system will have a built-in firewall (Check it's enabled: [Windows](https://support.microsoft.com/en-us/help/4028544/windows-10-turn-windows-defender-firewall-on-or-off), [Mac OS](https://support.apple.com/en-us/HT201642), [Ubuntu](https://wiki.ubuntu.com/UncomplicatedFirewall) and other [Linux ditros](https://www.tecmint.com/start-stop-disable-enable-firewalld-iptables-firewall)). Alternatively, for greater control, consider: [LuLu](https://objective-see.com/products/lulu.html) (MacOS), [gufw](http://gufw.org/) (Linux), [LittleSnitch](https://github.com/evilsocket/opensnitch), [SimpleWall](https://github.com/henrypp/simplewall) (Windows), there's plenty more [firewall apps](https://github.com/Lissy93/awesome-privacy#firewalls) available
**Use a Firewall** | Optional | A firewall is a program which monitors incoming and outgoing traffic, and allows you to blocks internet access for certain applications. This is useful to stop apps from collecting data, calling home, or downloading unnecessary content- correctly configured, firewalls can help protect against remote access attacks, as well as protect your privacy. <br>Your system will have a built-in firewall (Check it's enabled: [Windows](https://support.microsoft.com/en-us/help/4028544/windows-10-turn-windows-defender-firewall-on-or-off), [Mac OS](https://support.apple.com/en-us/HT201642), [Ubuntu](https://wiki.ubuntu.com/UncomplicatedFirewall) and other [Linux ditros](https://www.tecmint.com/start-stop-disable-enable-firewalld-iptables-firewall)). Alternatively, for greater control, consider: [LuLu](https://objective-see.com/products/lulu.html) (MacOS), [gufw](https://costales.github.io/projects/gufw/) (Linux), [LittleSnitch](https://github.com/evilsocket/opensnitch), [SimpleWall](https://github.com/henrypp/simplewall) (Windows), there's plenty more [firewall apps](https://github.com/Lissy93/awesome-privacy#firewalls) available
**Protect Against Software Keyloggers** | Optional | A software keylogger is a malicious application running in the background that logs (and usually relays to a server) every key you press, aka all data that you type (passwords, emails, search terms, financial details etc). The best way to stay protected, is to keep your systems security settings enabled, and periodically check for rootkits- which will detect most loggers. Another option, is to use a key stroke encryption tool. For Windows there is [GhostPress](https://schiffer.tech/ghostpress.html), [Spy Shelter](https://www.spyshelter.com/) or [KeyScrambler](https://www.qfxsoftware.com) (developed by Qian Wang) which encrypt your keystrokes at the keyboard driver level, and then decrypting them at the application level, meaning any software keylogger would just receive encrypted data.
**Check Keyboard Connection** | Optional | Check your keyboards USB cable before using, bring your own keyboard to work and watch out for signs that it may have been tampered with. A hardware keylogger is a physical device that either sits between your keyboard and the USB connection into your PC, or is implanted into a keyboard. It intercepts and stores keystrokes, and in some cases can remotely upload them. Unlike a software logger, they can not be detected from your PC, but also they can not intercept data from virtual keyboards (like [OSK](https://support.microsoft.com/en-us/help/10762/windows-use-on-screen-keyboard)), clipboard or auto-fill password managers.
**Prevent Keystroke Injection Attacks** | Optional | Always lock your PC when you step away from it (however this is not fool-proof, and [can be circumvented](https://www.youtube.com/watch?v=a4OyqaqFDW0)). For Linux, there is [USBGuard](https://github.com/USBGuard/usbguard), and for Windows there's [DuckHunt](https://github.com/pmsosa/duckhunt), which will detect super fast (badUSB-level super-fast) it will block input until the attack stops. Alternatively, Windows Group Policy can also be [configured to not trust new devices by default](https://www.itechtics.com/enable-gpedit-windows-10-home/). [Port Blockers](https://lindy.com/en/technology/port-blockers/) provide some level of physical protection, which may prevent an opportunistic attack, but can be circumvented fairly easily
@ -374,7 +374,7 @@ The most privacy-respecting option, would be to not use "smart" internet-connect
**Set privacy settings, and opt out of sharing data with third parties** | Recommended | Once installed, go to settings in the app, and under privacy ensure the strictest options are selected. Usually by default, the most possible data is being collected.
**Don't link your smart home devices to your real identity** | Recommended | Use a unique user name and password which does not identify you, your family, your location or any other personal details. When creating an account for a new smart home device, do not sign up/log in with Facebook, Google or any other third-party service.
**Keep firmware up-to-date** | Recommended | Ensure firmware versions on smart devices are up-to-date and software patches have been applied. Most smart home apps will notify you when a new firmware version is available, so all you have to do it accept and install.
**Protect your Network** | Recommended | On many smart home devices, anybody connected to your home WiFi is able to view the device content (such as camera footages, or motion statistics). So ensure that your WiFi and home networks are properly secured with a strong password and up-to-date firmware. (See the [Router Section](#your-router) for more details)
**Protect your Network** | Recommended | On many smart home devices, anybody connected to your home WiFi is able to view the device content (such as camera footages, or motion statistics). So ensure that your WiFi and home networks are properly secured with a strong password and up-to-date firmware.
**Be wary of wearables** | Optional | Wearable smart devices allow companies to log even more data than ever before; they can track your every move to know exactly where you are and what you are doing at any given time. Again, you as the consumer have no control over what is done with that data.
**Don't connect your home's critical infrastructure to the Internet** | Optional | While a smart thermostat, burglar alarm, smoke detector and other appliances may seem convenient, they by design can be accessed remotely, meaning a hacker can gain control of your entire home, without even needing to be nearby. And by breaching multiple devices, the effects can be very serious.
**Mitigate Alexa/ Google Home Risks** | Optional | It is a known fact that voice-activated assistants collect a lot of personal data, and open the door to a myriad of security issues. Consider switching to [Mycroft](https://mycroft.ai/) which is an open source alternative, with much better privacy. Alternativley, if you wish to continue using your current voice assistant, check out [Project Alias](https://github.com/bjoernkarmann/project_alias), which prevents idle listening
@ -394,7 +394,7 @@ Note about credit cards: Credit cards have technological methods in place to det
**Security** | **Priority** | **Details and Hints**
--- | --- | ---
**Sign up for Fraud Alerts and Credit Monitoring** | Recommended | A Fraud Alert is a note on your credit report, that asks any business seeking your credit report to contact you to confirm your identity before granting credit in your name. Credit Monitoring tracks your credit history, and will alert you to any suspicious activity. You can enable fraud alerts and credit monitoring through credit the bureau's websites: [Experian](https://www.experian.com/fraud/center.html), [TransUnion](https://www.transunion.com/fraud-alerts) or [Equifax](https://www.freeze.equifax.com/)
**Sign up for Fraud Alerts and Credit Monitoring** | Recommended | A Fraud Alert is a note on your credit report, that asks any business seeking your credit report to contact you to confirm your identity before granting credit in your name. Credit Monitoring tracks your credit history, and will alert you to any suspicious activity. You can enable fraud alerts and credit monitoring through credit the bureau's websites: [Experian](https://www.experian.com/fraud/center.html), [TransUnion](https://www.transunion.com/fraud-alerts) or [Equifax](https://www.equifax.com/personal/credit-report-services/credit-freeze/)
**Apply a Credit Freeze** | Recommended | A credit freeze will prevent anyone from requesting your credit report, hence stop someone applying for a financial product in your name, or a corporation requesting your details without your consent. You will need to temporarily disable your credit freeze before getting a loan, or any other financial product. You can freeze your credit through credit the bureau's website: [Experian](https://www.experian.com/freeze/center.html), [TransUnion](https://www.transunion.com/credit-freeze) and [Equifax](https://www.freeze.equifax.com/)
**Use Virtual Cards** | Optional | Virtual card numbers let you pay for items without revealing your real card or banking details. They also offer additional features, such as single-use cards and spending limits for each card. This means you will not be charged more than you specified, or ongoing subscriptions or in the case of a data breach. [Privacy.com](https://privacy.com/join/VW7WC), [MySudo](https://mysudo.com/) and [others](https://github.com/Lissy93/awesome-privacy#virtual-credit-cards) offer this service
**Use Cash for Local Transactions** | Optional | Unlike any digital payment method, cash is virtually untraceable. Using cash for local and everyday purchases will prevent any financial institution building up a comprehensive data profile based on your spending habits
@ -431,7 +431,7 @@ Many data breaches, hacks and attacks are caused by human error. The following l
**Store personal data securely** | Recommended | Backing up important data is important. But ensure that all information that is stored on your phone/laptop, USB or in a cloud is encrypted. That way, if it is accessed by a hacker (which unfortunately is all too common), it will be almost impossible for them to get to your personal files. For USB devices, see [VeraCrypt](https://www.veracrypt.fr/en/Home.html). For cloud backup, see [Cryptomator](https://cryptomator.org), and for your phone and laptop, see [this guide](https://www.howtogeek.com/260507/psa-encrypt-your-pc-phone-and-tablet-now.-youll-regret-it-later-if-you-dont)
**Obscure Personal Details from Documents** | Recommended | When sharing any document, photo or video- be sure to blank out text with an opaque rectangle. Be careful with blurring/ pixelating out text, as this could be recovered (using something like [Depix](https://github.com/beurtschipper/Depix)). This is especially true for video footage (such as with license plates), since an adversary has more frames to work with
**Do not assume a site is secure, just because it is `HTTPS`** | Recommended | Unlike HTTP, data sent over HTTPS is encrypted. However that does not mean you should trust that website by default. HTTPS Certificates can be obtained by anybody, so a cloned or scam site may have a valid certificate (as denoted by the padlock icon). Always check the URL, and don't enter any personal details unless you are certain a website is legitimate. Avoid entering data on any site that is not HTTPS
**Use Virtual Cards when paying online** | Optional | There are risks involved in entering your card details on any website. Credit cards have better consumer protection, compared to debit or bank cards, meaning you are more likely to be recompensated for fraudulent transactions, however they collect and sometimes sell your transaction history. A better option would be to pay with a virtual, 1-time card. This will mean that even if those credentials are compromised a hacker will not be able to lift any of your money. You can also set limits, or create single-use cards, to prevent being over-charged. [Privacy.com](https://privacy.com/join/VW7WC) offer virtual payment cards for that you can use anywhere on the internet, as does [Revolut Premium](revolut.ngih.net/Q9jdx)
**Use Virtual Cards when paying online** | Optional | There are risks involved in entering your card details on any website. Credit cards have better consumer protection, compared to debit or bank cards, meaning you are more likely to be recompensated for fraudulent transactions, however they collect and sometimes sell your transaction history. A better option would be to pay with a virtual, 1-time card. This will mean that even if those credentials are compromised a hacker will not be able to lift any of your money. You can also set limits, or create single-use cards, to prevent being over-charged. [Privacy.com](https://privacy.com/join/VW7WC) offer virtual payment cards for that you can use anywhere on the internet, as does [Revolut Premium](https://www.revolut.com/)
**Review application permissions** | Optional | Ensure that no app have unnecessary access to your photos, camera, location, contacts, microphone, call logs etc. See these guides for how to manage app permissions on [Android](https://www.howtogeek.com/230683/how-to-manage-app-permissions-on-android-6.0) and [iOS](https://www.howtogeek.com/211623/how-to-manage-app-permissions-on-your-iphone-or-ipad). On Android, there is a great app called [Exodus Privacy](https://play.google.com/store/apps/details?id=org.eu.exodus_privacy.exodusprivacy), that displays all permissions, and trackers for each of your installed apps
**Opt-out of public lists** | Optional | In many countries there are public databases that include citizens names, addresses, contact numbers and more. This can often result in unwanted contact from marketing companies, but in some cases used for harassment, stalking and fraud. [This guide](https://www.worldprivacyforum.org/2015/08/consumer-tips-top-ten-opt-outs) from The World Privacy Forum provides good instructions for how to approach this. This includes opting out of: Marketing, Financial Institution Listings, Mail Spam, FERPA Education Listings, Data Brokers and Advertising, as well as joining the National Do Not Call Registry
**Never Provide Additional PII When Opting-Out** | Optional | When removing yourself from less mainstream data sharing services, do not enter any additional intormation in the opt-out form than what is already publicly availible through that site. There have been cases where this extra info is used elsewhere to add more details to your record
@ -469,7 +469,7 @@ Strong authentication, encrypted devices, patched software and anonymous web bro
**Protect your Home Address** | Optional | Don't set your home address in your phones settings, instead consider selecting a location in a similar region to where you live. Consider storing devices in faraday cage when at your home address. For deliveries, consider using an alias names, and if possible a forwarding or pickup address for receiving online deliveries. You could also combine this with anonymous payment (such as virtual card numbers/ privacy.com, cryptocurrency or cash), and a forwarding email address or VOIP number
**Use a PIN, Not Biometrics** | Advanced | For situations where law enforcement may be involved (such as a protest, or journalism), if your device is seized, authorities can not force you to hand over your device pin code, however they can ask for your fingerprint or face scan to unlock a device. Therefore in these situations disable biometric unlock.
**Reduce exposure to CCTV** | Advanced | Wearing a hat, hoodie, dark glasses or face cover can make it harder for your identity to be known. Less busy streets tend to have fewer cameras. Knowing where cameras in your local area are, can help you avoid being caught on them. See more in [this article](http://snallabolaget.com/hiding-from-surveillance-how-and-why) by Snälla Bolaget
**Anti-Facial Recognition Clothing** | Advanced | Most facial-recognition methods can be easily tricked with certain [patterns](https://www.theguardian.com/technology/2017/jan/04/anti-surveillance-clothing-facial-recognition-hyperface). Example products from: [Adversarial Fashion](https://adversarialfashion.com) or this item on [Redbubble](https://www.redbubble.com/i/t-shirt/Anti-Surveillance-Clothing-by-Naamiko/24714049.1YYVU).
**Anti-Facial Recognition Clothing** | Advanced | Most facial-recognition methods can be easily tricked with certain [patterns](https://www.theguardian.com/technology/2017/jan/04/anti-surveillance-clothing-facial-recognition-hyperface). Example products from: [Adversarial Fashion](https://adversarialfashion.com).
**Reduce Night Vision Exposure** | Advanced | Infrared night vision cameras are very easy to block, by using a small IR light source, which is invisible to the human eye, but blinds night vision cameras. Alternatively super-reflective glasses (see [Reflectacles](https://www.reflectacles.com)) can also fool night vision cameras.
**Protect your DNA** | Advanced | DNA is totally unique person-to-person, and can directly identify you. Therefore it is important to avoid sharing this information, [do not submit your DNA to heritage websites](https://internethealthreport.org/2019/23-reasons-not-to-reveal-your-dna/), be careful about [where you leave your DNA](https://youtu.be/MoX_BDWZUG0).