[liberationtech] FW: The security and ethics

Sat Feb 12 10:15:39 PST 2011

Yes, I think it's possible if we set realistic bounds on what we're
trying to achieve. Keeping the T-CLOCK analogy in mind, let's not try to
create a comprehensive training course in computer security - let's just
identify a small number of points with maximal impact on people's
security. For example:

1) Keep your antivirus software up to date. (Free antivirus software is
available from X, Y, Z.)

2) Every password should include upper and lower case letters, digits
and punctuation, and should not be based on a dictionary word.

3) Don't reuse passwords between different accounts.

4) Configure your computer to require a password. (Here's how.)

5) Use separate accounts for sensitive and non-sensitive communication.

6) Use separate phones for sensitive and non-sensitive communication -
using separate SIM cards isn't enough.

7) Remove the battery from your phone before visiting sensitive locations.

8) If you're using Firefox, install HTTPS Everywhere. (Here's how.)

9) Configure your browser to delete all history when you close the
browser. (Here's how.)

10) Empty the recycle bin after deleting sensitive files. (Here's how.)

11) Store sensitive files on a removable USB stick that can be destroyed.

...any other ideas? Are any of the above points bad advice or low
priority? Can we come up with a catchy acronym?

We could also think about writing short guides for specific tasks - how
to set up an anonymous email account, etc - but I feel like the Tactical
Technology Collective has that approach covered already, so maybe it's
better to just point people to their guides:

https://security.ngoinabox.org/en/

Cheers,
Michael

On 10/02/11 10:12, P.A.Bernal at lse.ac.uk wrote:
> That sounds like exactly the sort of thing that I'd be looking for
> too. Is it actually possible?
> 
> Paul
> 
> 
> -----Original Message----- From:
> liberationtech-bounces at lists.stanford.edu on behalf of Michael
> Rogers Sent: Thu 2/10/2011 9:58 AM To: Ian Young Cc:
> liberationtech at lists.stanford.edu Subject: Re: [liberationtech] FW:
> The security and ethics
> 
> On 10/02/11 01:23, Ian Young wrote:
>> Do guides roughly equivalent to TCLOCK exist for digital 
>> security/crypto?
> 
> Hi Ian,
> 
> Thank you - I think that's exactly the question we should be asking.
> 
> If there's a short, accessible guide to practical digital security
> that the techies on this list can get behind then let's identify it.
> If there isn't then let's write it.
> 
> Cheers, Michael _______________________________________________ 
> liberationtech mailing list liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you
> click above) next to "would you like to receive list mail batched in
> a daily digest?"
> 
> You will need the user name and password you receive from the list
> moderator in monthly reminders.
> 
> Should you need immediate assistance, please contact the list
> moderator.
> 
> Please don't forget to follow us on
> http://twitter.com/#!/Liberationtech
> 
> 
> Please access the attached hyperlink for an important electronic
> communications disclaimer: http://lse.ac.uk/emailDisclaimer