Added markdown guidde
This commit is contained in:
parent
dc7242ed10
commit
8c379aa734
35
opsec.md
35
opsec.md
|
|
@ -12,7 +12,13 @@ last revision 25-09-2018
|
||||||
|
|
||||||
1. Behavioural discretion
|
1. Behavioural discretion
|
||||||
First thing first: assess the type of opposition you have. Consider that we operate in general in medium confidential environment. Type of opposition: who wants to know, why.
|
First thing first: assess the type of opposition you have. Consider that we operate in general in medium confidential environment. Type of opposition: who wants to know, why.
|
||||||
Risk assessment: always assess that **the opposition is stronger than you** (and is true that it has a lot of resources), but avoid paranoia: role playing on project based compartments and personal trust is at the base of any assessment. You should use to determine the level of trust of fellows.
|
Risk assessment: always assess that **the opposition is stronger than you, better organised and knows a lot already** (is true that it has a lot of resources). At the same time avoid paranoia: you act and think in a way that males you a tough cookie.
|
||||||
|
|
||||||
|
- you act according to the law and to your constitutional rights
|
||||||
|
- you act according to high etical standards
|
||||||
|
- you are not alone
|
||||||
|
|
||||||
|
As such role playing on project based compartments and personal trust is at the base of any security assessment. You use paranoia
|
||||||
|
|
||||||
* RULE OF THUMB: if you have no trust in someone you should not have business with him :)
|
* RULE OF THUMB: if you have no trust in someone you should not have business with him :)
|
||||||
* RULE OF FOOT TUMB: friends with everyone, in bed with no one
|
* RULE OF FOOT TUMB: friends with everyone, in bed with no one
|
||||||
|
|
@ -60,13 +66,16 @@ A document not marked confidential is still to be spoken of with a bit of discre
|
||||||
* avoid google docs. A file on gdocs is to be consider compromised
|
* avoid google docs. A file on gdocs is to be consider compromised
|
||||||
* avoid dropbox type of services for sharing: use cloud.dyne.org
|
* avoid dropbox type of services for sharing: use cloud.dyne.org
|
||||||
|
|
||||||
|
4. What if
|
||||||
|
- Your computer is stolen
|
||||||
|
- Your computer is compromised for example by virus or malware
|
||||||
|
-
|
||||||
|
-
|
||||||
|
|
||||||
### OSX "security for toddlers"
|
### OSX "security for toddlers"
|
||||||
|
|
||||||
written by fredd
|
written by fredd
|
||||||
|
|
||||||
|
|
||||||
4. MAC OS X security hardening for everyone
|
4. MAC OS X security hardening for everyone
|
||||||
|
|
||||||
Basic computer security for mac users.
|
Basic computer security for mac users.
|
||||||
|
|
@ -89,20 +98,22 @@ Data security
|
||||||
* you can use apple security tools (cloud backup etc) for your stuff but not for any dyne confidential stuff. Best not to use icloud
|
* you can use apple security tools (cloud backup etc) for your stuff but not for any dyne confidential stuff. Best not to use icloud
|
||||||
* don't trust icloud keychain backup
|
* don't trust icloud keychain backup
|
||||||
|
|
||||||
INSTALL SHELL OSX DEV tools
|
- [ ] INSTALL SHELL OSX DEV tools
|
||||||
INSTALL HOMEBREW
|
- [ ] INSTALL HOMEBREW
|
||||||
|
|
||||||
GIT
|
- [ ] how to use GIT: GUIs
|
||||||
|
|
||||||
SSH keys
|
- [ ] how to use SSH keys
|
||||||
just as GPG keys private/public part
|
just as GPG keys private/public part
|
||||||
unlike GPG keys they are bound to devices not to people. A new laptop you make a key and collect it in
|
unlike GPG keys they are bound to devices not to people. A new laptop you make a key and collect it in
|
||||||
|
|
||||||
|
|
||||||
Privacy
|
- [ ] Privacy
|
||||||
• Tor
|
Some tools that are there to assure you a certain kind of privacy if you think you might be observed
|
||||||
• Tor Browser
|
* Tor
|
||||||
• remember that any phone is a perfect recording and tracking device
|
* Tor Browser
|
||||||
|
* Heads
|
||||||
|
* remember that any phone is a perfect recording and tracking device
|
||||||
|
|
||||||
Mobile
|
Mobile
|
||||||
is your channel in clear or not? Is your channel cleared or memorised forever? Were the memory is going to stay? Logs?
|
is your channel in clear or not? Is your channel cleared or memorised forever? Were the memory is going to stay? Logs?
|
||||||
|
|
@ -117,7 +128,7 @@ is your channel in clear or not? Is your channel cleared or memorised forever? W
|
||||||
* office.dyne.org has been replaced by nextcloud: cloud.dyne.org
|
* office.dyne.org has been replaced by nextcloud: cloud.dyne.org
|
||||||
* repository for file sharing document based on our servers. Functionalities similar to google drive and dropbox
|
* repository for file sharing document based on our servers. Functionalities similar to google drive and dropbox
|
||||||
* pad.dyne.org for shared document writing.
|
* pad.dyne.org for shared document writing.
|
||||||
* get used to markdown!
|
* get used to markdown! https://guides.github.com/features/mastering-markdown/
|
||||||
* libre office is the reference office suite
|
* libre office is the reference office suite
|
||||||
* vdc.dyne.org video conference platform
|
* vdc.dyne.org video conference platform
|
||||||
* irc.dyne.org
|
* irc.dyne.org
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue