Security Recommendations

1. Do not trust anything to be absolutely secure.
2. Do not trust anything to be secure based on it being advertised as secure.
3. Avoid Intel processors because Intel Management Engine (IME) is not trusted.
   • https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it
4. Avoid closed-source operating systems, like Microsoft Windows, etc.
5. Do not prefer closely-compiled open-source operating systems.
6. Do not prefer closed-source drivers, system components, keyboards, package managers, application stores, or applications, etc.
   • Try HeliBoard open-source keyboard on Android.
   • Try LibreWolf, Mozilla Firefox, Fennec F-Droid, Mull, or Ungoogled Chromium open-source web browsers.
   • Try K-9 Mail open-source email client.
   • Try KeePassXC, KeePassDX open-source password managers.
   • Try LibreOffice open-source office suite.
   • Try Aurora Store as an alternative frontend to Google Play Store.
7. Prefer open-source application stores, like F-Droid, Fossdroid, etc. on Android.
8. Avoid storing installer files or copying them from others by any means.
9. Avoid untrusted activators for OS or applications, like KMSPico, etc.
10. Avoid cracked or pirated OS or applications.
11. Do not prefer those Android applications that are reported by Exodus Privacy to be known to have tracker SDK(s).
    • F-Droid
12. Use uBlock Origin extension on web browsers. Try enabling the desired filter lists.
    • Mozilla Firefox based browsers: Mozilla Add-ons
    • Chromium based browsers: Chrome Web Store
13. Use Decentraleyes extension on web browsers to block tracking via CDNs (Content Delivery Networks).
    • Mozilla Firefox based browsers: Mozilla Add-ons
    • Chromium based browsers: Chrome Web Store
14. Use OpenPGP email encryption.
    • https://youtu.be/CEADq-B8KtI
15. Calculate and match hash (MD5, SHA256, SHA512, etc.) values of files after file transfers.
    • You can try my open-source application, Bitscoper Cyber ToolBox.
      • Microsoft Store: https://apps.microsoft.com/detail/9n6r5lxczxl6
      • Google Play Store: https://play.google.com/store/apps/details?id=bitscoper.bitscoper_cyber_toolbox
16. Use virtual machines for isolation purposes.
17. Try OnionShare to chat, share files, and serve static websites over TOR.
    • https://youtu.be/gCDbHkpkNJ0
18. Try a VPN when using TOR to hide the TOR transmissions.
19. Try using separate email addresses and mobile numbers for communication and account’s security.
20. Do not trust the SMS verification method blindly. Prefer TOTP (RFC 6238) instead.
    • https://youtu.be/VEfkt29moE8
    • X / Twitter
    • Facebook
21. Some VPNs, like Mullvad VPN and Calyx VPN, have good names.
22. Host your own NextCloud instance for collaboration.

Take a look:

• https://en.wikipedia.org/wiki/PRISM
• https://en.wikipedia.org/wiki/Tempora
• https://en.wikipedia.org/wiki/XKeyscore