Given the pending threat of totalitarian tyranny. Cybersecurity is not only a noble, but also a profitable pursuit; if one has the aptitude for it.
Electronic espionage is the backbone of organized stalking, even more so than spiritual or ethereal monitoring, or the weaponization of the informant system.
Personal computers are safer than smartphones. Smartphones are vulnerable. As a general rule of thumb: Do not have information in your smartphone that you’re unwilling for hostile groups to have access to, including your location. The inherent vulnerability of smarphones stems from their: 1) sim card, 2) wireless connectivity, 3) battery, 4) limited user-control over operating system (which means trusting either Google, or Apple with your information).
Furthermore, smartphones have been infamously, and ridiculously vulnerable to hacking software such as NSO’s Pegasus ✡, which has been used around the world to assassinate journalists, particularly in Mexico, and Saudi Arabia.
Officially, only Apple has developed the technology to provide the location of a user, even when his iPhone has been turned off (AirTag mode). But if a device has already been hacked, it would be theoretically possible to power it on by means of commands, specially given the sim card. Nonetheless, having Android turned off should prevent it from reporting the owner's location to hostile groups; but it is not guaranteed.
Applications such as Telegram may provide secure communication between devices, but if one of the devices becomes compromised, then the entire communication becomes compromised. What this means is, that encrypted communication between users of applications such as Telegram are only safe if the individuals communicating are unknown, but if one of the individuals communicating becomes known (which means knowing their phone number) then the entire communication is compromised; since although it is most expensive to have smartphones hacked by means of software such as NSO’s Pegasus ✡, it is pennies for governments.
AMD Processors are better than Intel Processors. Intel has had scandals of backdoors in its products.
Theoretically, Hardware Firewalls can be installed in one's home network, in case the Operating System itself becomes compromised; but this is expensive and advanced.
Windows is better than Mac, due to greater compatibility with applications centered around security. Linux is more secure than Windows, but besides being cumbersome, and requiring substantially more technical knowledge, it lacks the functionality necessary to make it viable for everyday activities (and even certain essential server activities). It is possible to have a Windows set-up, good enough for political activism.
Free VPNs and proxies are better than nothing, TOR is better than free VPNs and proxies, a paid VPN is better than TOR (and without the stigma), TOR over paid VPN is arguably better than a paid VPN alone – but this set-up has to be done correctly
The value of VPNs is proven by their outlawing by authoritarian governments. ExpressVPN ✡ has had scandals of incompetence, and corruption. I personally use NordVPN for no particular reason; Although I appreciate their enthusiasm for continuing to develop VPN technology, they seem surprisingly ignorant about certain aspects of the threat of mass surveillance, which may lead them to genuinely overestimate VPNs as a solution.
NordVPN has been hacked at least twice; if they get hacked again, they won't tell you; which may be the equivalent of TOR nodes going hostile twice. NordVPN is linked to the World Economic Forum.
NordVPN provides the unique perk of “post-quantum” encryption for its NordLynx protocol based on novel Wireguard. Which may prove resilient against NSA’s, and alien hacking. Post-Quantum NordLynx Protocol is also available for their Double-VPN Specialty Servers.
Traffic between your computer and websites or hosts is protected by the use of a paid VPN, but the split tunneling feature of VPN clients has to be disabled.
Hostile websites identify users through: 1) Cookies, 2) IP Address, 3) Fingerprinting. Youtube is hyper-hostile, for instance.
Cookies are information websites store in users’ browsers in order to identify them, even if they do not log in, and change their IP address. Cookies have to be deleted from the browser each time the user does not want to be identified by the website.
IP Address can be effectively concealed with a VPN service. Paid VPNs are safer than TOR, because besides protecting all traffic and not just the browser’s, with TOR networks there is no accountability in case a TOR node becomes hostile. Whereas paid VPN services would have to effectively sacrifice revenue in order to target a specific individual – by means of such loss in reputation.
Fingerprinting is the profiling made by hostile websites of users’ browser and behavior in order to identify them without the need of an IP address, or cookie. Brave and Tor browsers effectively counter-act fingerprinting profiling through different approaches. Brave browser is more functional than Tor browser.
Portmaster’s developing SPN technology is worth looking into. SPN is based on the TOR model, providing a unique IP address to each application connecting to the internet, instead of a single IP address provided by the VPN server; with the approach of routing all applications connecting to the internet through the onion network, not just the browser, in this sense SPN substitutes VPNs.
What is my IP Address - https://whatismyipaddress.com/ - Check if your IP is concealed.
DNS Leak Test - https://dnsleaktest.com/ - Check if you have a DNS Leak
Cover Your Tracks - https://coveryourtracks.eff.org/ - See how much information websites are able to get out of your browser through fingerprinting.
Although it is indeed possible to bind malware to non-executable files (through hacking software known as “binders”), doing so without an antivirus, or any antivirus detecting it, would at the very least be very expensive, if at all possible.
Besides having an antivirus, a good practice to deal with suspicious files is to have them analyzed with the free online service Virus Total, which scans uploaded files using all available antivirus engines, returning a report with the results of each one; including false positives (files reported as malicious by antivirus engines when they are really not). Leaving then the user with the decision of keeping the file or not, on the basis of such report.
Virus Total - https://www.virustotal.com/
The only files that cannot be analyzed by antivirus engines are compressed files (.zip, .7zip, .rar, etc.) protected by a password; and malware can be programmed to execute when a compressed file is decompressed or extracted. So, password-protected compressed files might better be left alone.
Albeit it is unfortunate that the best and worst collide in the pursuit of online security and anonymity; In any case, cyber-criminals operate with impunity, not because espionage and security departments are unable to identify them, but because they are one and the same.
Privacy Guides - https://www.privacyguides.org/en/
Privacy Tools - https://www.privacytools.io/