Updated 28-Jun-2024
The great work of so many organizations are directing consumers and devops to weave crypto through everything: every communication, transaction, and interaction in the digital, as well as offline world. Why? Well because there are no functional legal rights currently present in all countries regarding the search and seizure of devices and the hacking and wiretapping through networks. Every day reports are made regarding abuse of power, such as yesterday a US Mayor having devices seized and passwords required before he could leave the airport. Of course the best course of action with physical devices is to not have them with you (they cannot be seized), and so using devices that are disposable, and all computing done on disposable devices, is best. And the devices should use secure protocols as well as secure appropriate data. The best would be to have all data significantly present, but invisible, everywhere. Eventually that will happen, in the meantime there are some things for the average citizen to do, as well as those of us who run servers.
Awareness is Key
Awareness of vulnerabilities is key, though usually tasked with specific security specialists. Switch to better, more secure tools. Change daily practices to be more secure. Like any lifestyle change, it should become habit, informed with increasing levels of understanding.
Everyday Tools
- Telegram is a great secure chat.
Everyday Practices
- Autodelete Tweets as well as Favorites
- Remove old text messages
- Delete old mail Note that real information should be saved somewhere. But essentially everything has a time horizon. I think 5 years is more than sufficient.
Server Stuff
- TLS and HTTP/2, note implementations are not necc. production ready, but mod_h2 looks like a good place to start
- Let's Encrypt free TLS certs
- BetterCrypto
- Discussion on TLS implementation in WordPress environments