
@dphiffer
Created July 12, 2017 01:23
Hastily typed notes from the CryptoParty at Eyeo Festival 2017
All credit for this goes to Matt Mitchell
https://twitter.com/geminiimatt
macOS
FileVault: on
Firewall: on
Password managers
Dashlane
1Password
LastPass
Padlock.io - OSS, sync
KeePassX
Fragmenting: practice of keeping various resources/factors separate
Use Tor Browser
Paying for stuff
Use gift cards
privacy.com virtual credit cards
Blur by Abine.com
Get better at remembering passwords!
Book: Moonwalking With Einstein
VPN
https://thatoneprivacysite.net/vpn-section/
https://www.mullvad.net/
Freedome - F-Secure
Roll your own
https://github.com/trailofbits/algo
https://medium.com/@dmitrypavluk/getting-algo-vpn-up-and-running-182051ec5bc1
Use IPsec
Jaguar $80 rpi alternative
Throw your files somewhere
Encrypted USB - BitLocker
Apricorn
Services to use instead of DropBox
spideroak.com - US-based
tresorit.com - not US-based, not as prone to prying US law enforcement, more expensive
Hosting services
greenhost.com - eclipse
Free certs! letsencrypt.org
Use a cert checker to make sure your TLS/SSL is set up right
myshadow.org
Make a checklist, don't trust yourself to just get opsec right every time
Use a Yubikey!
Threat modeling - “measuring your risk”
1. What do I want to keep safe?
2. Who do I want to keep it safe from?
3. What is their capability? What resources do they have?
4. What would happen if they did get this thing?
5. What can I do to keep #4 from happening?
What if you might be compromised?
Objective-See
osquery
Little Snitch
Activity Monitor
install spyware on yourself and see what you learn - FlexiSPY
VirusTotal
Sophos - threat scanner
Malwarebytes - free scanners