searchbox.form.submit();
</code></pre></section></section><section><section><h2>Useful web APIs
</h2><ul><li><a href="
https://api.telegram.org/"
>Telegram bot API
</a>: e.g. as simple push notifications
</li><li><a href="
https://ifttt.com/"
>IFTTT
</a>: service that glues many services together
</li></ul></section><section><h2>Quick notifications with Telegram
</h2><pre><code class="
bash"
>curl -L 'https://api.telegram.org/bot<TOKEN>/sendMessage?chat_id=<CHAT ID>&text=Build+completed.
</code></pre></section></section><section><h2>Extras
</h2><p>Automation with
<a href="
https://www.seleniumhq.org/"
>Selenium
</a></p></section><section class="
center"
><h1>Security and privacy
</h1></section><section><h2>Some security blogs
</h2><p><a href="
https://www.troyhunt.com/"
>Troy Hunt
</a></p><p><a href="
https://decentsecurity.com/"
>Decent Security
</a></p></section><section><h2>Know your threat model
</h2><p>Government? Random person getting hold of your laptop?
</p><p>There's always a tradeoff when you make things more secure
</p></section><section><a href="
https://xkcd.com/936/"
><img src="
https://imgs.xkcd.com/comics/password_strength.png"
></a></section><section><h2><a href="
https://haveibeenpwned.com/"
>Have I Been Pwned
</a></h2></section><section><h2>Password managers
</h2><ul><li><a href="
https://keepass.info/"
>KeePass
</a>: open-source, offline, .NET
</li><li><a href="
https://keepassxc.org/"
>KeePassXC
</a>: open-source, C++ port of above (works better for Linux/Mac)
</li><li><a href="
https://www.passwordstore.org/"
>pass
</a>: open-source, CLI, GPG-based
</li><li><a href="
https://bitwarden.com/"
>Bitwarden
</a>: open-source, self-hostable cloud based (also see
<a href="
https://github.com/dani-garcia/bitwarden_rs"
>bitwarden_rs
</a>)
</li><li><a href="
https://1password.com/"
>1Password
</a>: commercial 👎, cloud-based
</li><li><a href="
https://www.lastpass.com"
>LastPass
</a>: commercial 👎, cloud-based
</li></ul></section><section><h2>Full-disk encryption
</h2><p>Protect your data at rest
</p><ul><li>Windows: BitLocker (only available on Pro)
</li><li>Linux: LUKS/dm-crypt
</li><li>macOS: FileVault
</li><li>Cross-platform:
<a href="
https://www.veracrypt.fr/en/Home.html"
>VeraCrypt
</a></li></ul></section><section><a href="
https://xkcd.com/538/"
><img src="
https://imgs.xkcd.com/comics/security.png"
style="
height: 25ex;"
></a></section><section><h2>Plausible deniability
</h2></section><section><h2>File-based encryption
</h2><p>Protect individual files
</p><ul><li>Linux: eCryptFS,
<a href="
https://www.cryfs.org/tutorial"
>CryFS
</a></li><li>Cross-platform:
<a href="
https://www.veracrypt.fr/en/Home.html"
>VeraCrypt
</a></li><li>7-Zip
</li><li><a href="
https://github.com/FiloSottile/age"
>age
</a></li><li><a href="
https://github.com/skeeto/enchive"
>enchive
</a></li></ul></section><section><h2>VPN services (paid)
</h2><p>Protect your online privacy
</p><ul><li><a href="
https://mullvad.net/en/"
>Mullvad
</a> (based in Sweden)
</li><li><a href="
https://www.tunnelbear.com/"
>Tunnelbear
</a> (based in Canada)
</li><li><a href="
https://nordvpn.com/"
>NordVPN
</a> (based in Panama)
</li><li><a href="
https://protonvpn.com/"
>ProtonVPN
</a> (based in Switzerland)
</li></ul><p><a href="
https://thatoneprivacysite.net/vpn-comparison-chart/"
>Comparison table
</a></p></section><section><h2>VPN software
</h2><p>Run your own VPN
</p><ul><li><a href="
https://openvpn.net/community-downloads/"
>OpenVPN
</a></li><li><a href="
https://www.wireguard.com/"
>WireGuard
</a></li></ul><p>Setting up a server is out of scope. Here are some guides:
<a href="
https://wiki.archlinux.org/index.php/OpenVPN"
>OpenVPN
</a>,
<a href="
https://wiki.archlinux.org/index.php/WireGuard"
>WireGuard
</a></p><p>WireGuard is a very modern (but very new) VPN. If you are setting up a new VPN, and it meets your needs, use it!
</p></section><section><h2>Messengers
</h2><ul><li><a href="
https://signal.org/"
>Signal
</a>: Trusted by security community
</li><li><a href="
https://element.io/"
>Element/Matrix
</a>: Also trusted; federated
</li><li><a href="
https://www.whatsapp.com/"
>WhatsApp
</a>: Supposedly uses Signal protocol
</li><li><a href="
https://telegram.org/"
>Telegram
</a>: Questionable encryption
</li></ul><p>There are many other messengers but most offer no privacy at all.
</p></section><section class="
center"
><p>See
<a href="
https://privacytools.io"
>privacytools.io
</a> for more privacy-focused alternatives to common software.
</p><p>You could consider reducing your dependency on Google, for example, by moving to a different email provider.
</p></section><section><a href="
https://xkcd.com/1200/"
><img src="
https://imgs.xkcd.com/comics/authorization.png"
style="
height: 25ex;"
></a></section><section><h2><span style="
text-transform: none"
>PCs
</span> are unsafe
</h2><p>Mobile phones nowadays have better isolation
</p></section><section><h2>Thank you! Questions?
</h2><p>Feedback:
<a href="
https://docs.google.com/forms/d/e/1FAIpQLSfkQn7o5zzhUrqoqJ2Re36BsdRl-qc7oIpo5k89ZidjAFWlnA/viewform"
>bit.ly/2020ht4
</a></p></section></div></div><script src="
https://cdn.jsdelivr.net/gh/highlightjs/[email protected]/build/highlight.min.js"
></script><script src="
https://cdn.jsdelivr.net/npm/[email protected]/dist/highlightjs-line-numbers.min.js"
></script><script src="
https://cdn.jsdelivr.net/npm/[email protected]/dist/reveal.min.js"
></script><script src="
../asciinema-player.js"
></script><script src="
../reveal-highlight-v4.js"
></script><script>Reveal.initialize({
0 commit comments