madaidans-insecurities.github.io
book
Our great sponsors
| madaidans-insecurities.github.io | book | |
|---|---|---|
| 29 | 3 | |
| 132 | 68 | |
| - | - | |
| 0.0 | 0.0 | |
| 4 months ago | 11 months ago | |
| HTML | Dockerfile | |
| - | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
madaidans-insecurities.github.io
-
Best base OS for laptop
Recommend reading the Linux sections on https://madaidans-insecurities.github.io/
-
My privacy journey -thanks to this and r/privacy sub AND how can I make it better
That's somewhat telling and can be used to "track" you, consider reading on non-Reddit privsec learning resources like Privacy Guides itself which you already know, PrivSec.Dev, madaidan's Insecurities and the like.
-
super secure phone with vpn
Considering the offer is legitimate (something I won't comment on), you shouldn't do most of these things, in my opinion. Don't mess with what'll be other people's phones. Sell them Pixels pre-installed with GrapheneOS and print papers with Auditor attestation instructions and maybe a few QR codes directing them to relevant documentation and privsec learning resources, such as the GrapheneOS documentation first and foremost, Privacy Guides, madaidan's Insecurities, PrivSec.dev, Seirdy's Home, Wonderfall's Lab, etc...
- Security and Privacy Evaluations
-
Desktop User: Should I use a "hardened" kernel?
i never used it myself. only learned about it from security experts like madaidan or hardening guides like this one.
- Is Your Computer Safe ?
-
Ask HN: How do you trust that your personal machine is not compromised?
For some excellent advice on security and privacy based on thoroughly researched technical concerns rather than speculation or blind trust in your corporation of choice, see here: https://madaidans-insecurities.github.io/
- Which do you prefer? Whonix or Tails for cyber security and privacy?
- Million-dollar Monero wallet idea
- Can a PDF file contain a virus?
book
-
Ask HN: How do you trust that your personal machine is not compromised?
> For details on how I use Qubes specifically see: https://github.com/hashbang/book/blob/master/content/docs/se...
How is this not a contradiction?
>6. Manual PRIVILEGED SYSTEM mutations MUST be approved, witnessed, and recorded
>7. PRIVILEGED SYSTEM mutatations MUST be automated and repeatable via code
-
Ask HN: What are you doing to secure your software supply chain?
Some of my clients pay to do double review of all dependencies.
Others go as far as distributed deterministic builds to ensure CI/CD systems themselves are not compromised.
Here are the latest public iterations of my recommendations.
https://github.com/talos-systems/rfcs/blob/main/001-software...
Also here are complimentary practices to ensure the production engineers that must have access to CI/CD systems etc don't themselves become a weak link in the supply chain (which happens a -lot-).
https://github.com/hashbang/book/blob/master/content/docs/se...
Shameless plug: My company Distrust (short for Distributed Trust), offers auditing, consulting, and support so companies can avoid single points of failure in their supply chains from third party libs to the hands of end users. Happy to chat with anyone that wants some outside eyes in this area!
What are some alternatives?
ansible-collection-hardening - This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
mvt - MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
iceraven-browser - Iceraven Browser
silverblue-site - Historic website for Fedora Silverblue. Now at https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0
Win32-OpenSSH - Win32 port of OpenSSH
tripwire-open-source - Open Source Tripwire®
qubes-app-split-browser - Tor Browser (or Firefox) in a Qubes OS disposable, with persistent bookmarks and login credentials
rfcs
magic-wormhole - get things from one computer to another, safely [Moved to: https://github.com/magic-wormhole/magic-wormhole]
rustls - A modern TLS library in Rust
itpol - Useful IT policies
panzerlop - Configuration Guides for fixing things in Linux, Proton & KDE