Security. Be ignorant not of Cybersecurity & Online Privacy

In the 21st century, security is essential and has become a huge part of our everyday life. I decided to compile a few security applications that I highly recommend:


Websites & Blogs

A method to keep your business website or self-hosted web blog secure is to implement the Transport Layer Security (TLS) protocol, the successor to Secure Sockets Layer (SSL).

Recommended, Free Single Domain Validation Certificates: Let's Encrypt and CloudFlare ECC Certificate

Recommended, Premium Domain Validation Certificates: Comodo PositiveSSL and GlobalSign AlphaSSL

We advise you to use the SHA-256 Secure Hash Algorithm and to disable SSL v3.0 (SSLv3). Keep an eye on OpenSSL bugs and update the packages on your local machine when an update is rolled out by the OpenSSL or LibreSSL (or other) developers.


Web Browsing

Tor Project — A free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

DuckDuckGo — The search engine that doesn't track you. A superior search experience with smarter answers, less clutter and real privacy.


Live Operating System

Tails — Privacy for anyone anywhere. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship, leave no trace on the computer you are using unless you ask it explicitly, and use state-of-the-art cryptographic tools to encrypt your files, emails, instant messaging, etc.


Private Messaging

Telegram Messenger — A cloud-based mobile and desktop messaging app with a focus on security and speed. Available for iPhone/iPad, Android, Windows Phone, Windows OS, Mac OS, Linux OS & a Web-based client.

Signal Private Messenger — Communicate instantly while avoiding SMS fees, create groups so that you can chat in real time with all your friends at once, and share media or attachments all with complete privacy.


Don't Fuck With...

HTTP Public Key Pinning (HPKP) [RFC 7469] standard. This may be a secure standard, but there are reports surfacing that it may cause more harm than one thinks. Therefore, steer clear.

SSLv3 (SSL 3.0). This protocol is affected by a vulnerability dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), which would enable an attacker to read encrypted information in plain text using a 'man-in-the-middle' attack.

Disable this protocol on your web server in order to avoid compromising users' private information:

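# NGINX Web Server

server {
	...
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	...
}

# Apache Web Server

# Enable every supported protocol except SSLv2 and SSLv3,
# so that TLS 1.1 and TLS 1.2 stay available as in the NGINX example
SSLProtocol all -SSLv2 -SSLv3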

Most web browsers have SSLv3 disabled by default. This includes Google Chrome and Mozilla Firefox.
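
One way to confirm that a configuration really has SSLv3 switched off, as an added example that is not part of the original post: the Python script below evaluates NGINX ssl_protocols and Apache SSLProtocol directives and flags any that leave SSLv3 enabled. The function names and the sample configuration are constructed for illustration, and Apache's "all" is assumed (conservatively) to include SSLv3.

```python
import re

# Assumption (conservative): Apache's "all" is treated as including SSLv3,
# which holds unless OpenSSL was built without SSLv3 support.
APACHE_ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}
DIRECTIVE = re.compile(r"^\s*(ssl_protocols|SSLProtocol)\s+([^;#\n]+)", re.M | re.I)

def nginx_enabled(args):
    """nginx enables exactly the versions listed in ssl_protocols."""
    return set(args.split())

def apache_enabled(args):
    """mod_ssl reads tokens left to right: +X adds, -X removes,
    and a bare token replaces everything enabled so far."""
    enabled = set()
    for token in args.split():
        sign, name = (token[0], token[1:]) if token[0] in "+-" else ("", token)
        group = set(APACHE_ALL) if name.lower() == "all" else {name}
        if sign == "+":
            enabled |= group
        elif sign == "-":
            enabled -= group
        else:
            enabled = group
    return enabled

def audit(config_text):
    """Return (directive, enabled protocols, sslv3_enabled) per directive found."""
    findings = []
    for match in DIRECTIVE.finditer(config_text):
        name, args = match.group(1), match.group(2).strip()
        is_nginx = name.lower() == "ssl_protocols"
        enabled = nginx_enabled(args) if is_nginx else apache_enabled(args)
        sslv3 = "sslv3" in {p.lower() for p in enabled}
        findings.append((f"{name} {args}", enabled, sslv3))
    return findings

# Constructed sample input: two safe directives followed by two weak ones.
SAMPLE = """
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
SSLProtocol all -SSLv2 -SSLv3
    ssl_protocols SSLv3 TLSv1;
SSLProtocol all -SSLv2
"""

if __name__ == "__main__":
    for directive, enabled, sslv3 in audit(SAMPLE):
        print("FAIL" if sslv3 else "ok  ", directive, "->", sorted(enabled))
```

Run it against the text of your own server configuration; any directive reported as FAIL still allows SSLv3 connections.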