Machine learning has become more and more powerful, to the point where a bad actor can take a photo and a voice recording of someone you know, and forge a complete video recording. Bad actors can now digitally impersonate someone you love, and trick you into doing things like paying a ransom. To mitigate that risk, I have developed this simple solution where you can setup a unique time-based one-time passcode (TOTP) between any pair of persons.
Github: https://github.com/ksze/PeerAuth
Since 2014, Operation Safe Escape has been working with survivors of domestic violence, stalking, and harassment to help them find safety and freedom.
Operation Safe Escape is a 501c3 nonprofit organization, founded in 2016 with a single goal: to make sure that every person impacted by domestic violence has the resources, information, and confidence that they need to leave their abuser and stay safe once they do. We are an organization of security and safety professionals, volunteering our time and expertise to help people stay safe and live their best lives. And we do it all for free. We don’t change you to help you protect yourselves or your clients. We don’t change the people that come to us for help. We don’t make a profit, we’re just here because we want to help. We have experts in computer and mobile device security, forensics, physical security, tech support, OPSEC, OSINT, and online privacy.
We’ve participated in over 3,000 successful escapes, and we’re a trauma informed / survivor-centric organization. Every one of our volunteers have thorough background checks; safety and trust is paramount to us. We have over 100 volunteers with backgrounds in law enforcement, military, technology, advocacy, and other relevant skills that we can provide to your organization. No matter how skilled or knowledgeable the abuser or stalker is, we’re stronger when we all work together.
SEC is a resource for people teaching digital security to their friends and neighbors. If you’d like to help your community learn about digital security but aren’t sure where to start, these articles, lesson plans, and teaching materials are for you!
License: CC-BY
The EFF is involved.
I recently needed to go on holiday, and was staying in a hotel with WiFi. Out of an abundance of paranoia, I decided to try setup a “router” that could sit between my devices and the hotel network.
Requires a USB wifi NIC in addition because the Pi has only one wireless interface.
I don't know why they needed to name a travel router this, but whatever.
This is for anyone who seeks to enhance their digital hygiene and security in light of anticipated or existing threats, but it is especially designed for women, Black, indigenous, and people of color, trans people, and everyone else whose existing oppressions are made worse by digital violence. It details best security practices for social media, email, online gaming, website hosting, and protecting privacy of personal information online, as well as the documentation and reporting of harassment, and caring for yourself emotionally during an online attack. You don’t need any specialized knowledge to use this guide – just basic computer and internet skills.
The authors of the guide have all been targets of cyber attacks ourselves; we’ve written the guide we needed when the attacks on us began. We’re all based in the USA, but we’ve done our best to make it useful no matter where you live.
The open source password manager for teams.
Whether you’re experiencing or witnessing online abuse, this Field Manual offers concrete strategies for how to defend yourself and others. We wrote this guidance with and for those disproportionately impacted by online abuse: writers, journalists, artists, and activists who identify as women, BIPOC, and/or LGBTQIA+. Whatever your identity or vocation, anyone active online will find useful tools and resources here for navigating online abuse and tightening digital safety.
Securely store passwords using industry standard encryption, quickly auto-type them into desktop applications, and use our browser extension to log into websites.
Complete database encryption using industry standard 256-bit AES. Fully compatible with KeePass Password Safe formats. Your password database works offline and requires no internet connection.
Every feature looks, feels, works, and is tested on Windows, macOS, and Linux. You can expect a seamless experience no matter which operating system you are using.
A plugin for Firefox that lets you interface with a KeepassXC password manager.
Note that this is an official KeepassXC project, not somebody's third party code.
Given the shifting state of the law, people seeking an abortion, or any kind of reproductive healthcare that might end with the termination of a pregnancy, may need to pay close attention to their digital privacy and security. We've previously covered how those involved in the abortion access movement can keep themselves and their communities safe. We've also laid out a principled guide for platforms to respect user privacy and rights to bodily autonomy. This post is a guide specifically for anyone seeking an abortion and worried about their digital privacy. There is a lot of crossover with the tips outlined in the previously mentioned guides; many tips bear repeating.
The increasing risk that the Supreme Court will overturn federal constitutional abortion protections has refocused attention on the role digital service providers of all kinds play in facilitating access to health information, education, and care—and the data they collect in return.
In a post-Roe world, service providers can expect a raft of subpoenas and warrants seeking user data that could be employed to prosecute abortion seekers, providers, and helpers. They can also expect pressure to aggressively police the use of their services to provide information that may be classified in many states as facilitating a crime.
Whatever your position on reproductive rights, this is a frightening prospect for data privacy and online expression. That’s the bad news.
This page is organized into different security-related threats. You can jump to the ones that most concern you. Along with each scenario is a list of digital security tips to neutralize the threat!
This post will detail the steps involved to configure an Android device to audit the traffic of any app installed on it, requiring no other device to be physically present. The device will have to be rooted in order to install the software required for this setup. All of the software required in this post is free of cost and open-source, not requiring an extra penny of investment above and beyond that of the device itself. The end result will allow the user to open an app in a specialized way that allows the traffic to be logged, without attaching extraneous devices or requiring the device to be connected to any specific network or access point.
The Digital First Aid Kit is a free resource to help rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed.
A mirror of the site can be downloaded for archival and offline use: https://digitalfirstaid.org/dfak-offline.zip
Git repo: https://gitlab.com/rarenet/dfak
License: Creative Commons By-Attribution v4.0
These links are not meant to be scary - they are meant to be strictly informative. These things are not at all exclusive to furries - but are seen throughout the internet and in real life. These guides are made to make the fandom a safer place and to make people more aware of issues they otherwise may not know about.
While this is primarily for use in the Furry Fandom it applies to everyone online, minor or not. This is just a guide to help people spot signs of abuse. Please know that some of these alone do not mean anything - however if there is a pattern please ask a trusted friend or family member about what you are experiencing. Please pass this on to people who you feel may be suffering from abuse. Feel free to repost as this is a community resource.
To access personal data that isn't available in Your Account or in your device (e.g. your search history):
A password manager/generator that takes a master password, a URL, a username, and optionally a serial number (for when you have to change passwords) and (re)generates the password for you. Requires no database or third party storage - the right password is always generated for you. Desktop versions, browser plugins, and a cli tool.
No notepad feature, so no storing your 2fa recovery codes there.
A FOSS hacker's guide to CLI, privacy, security, self-hosting, and the Internet.
Github: https://github.com/hashbang/book
A curated checklist of tips to protect your digital security and privacy.