Here is a collection of resources from Oh Shit! What Now?’s September 2017 class, “Computer Security & Online Privacy Basics.” We either used these resources and links in the creation of the class, or they offer opportunities for further learning and study.
- Equifax had patch 2 months before hack and didn’t install it, security group says
- How to Find Out If You Were Affected by the Equifax Hack
- How to Freeze Your Credit
- No, a chatbot can’t automatically sue Equifax for $25,000
- You can sue Equifax if your data was exposed – Here’s how
- Facial recognition could soon be used to identify masked protesters
- Security risks of iPhone facial recognition tech
Google Apps Risk
- DuckDuckGo, a search engine which doesn’t track you
- Have I Been Pwned? search if your online accounts were compromised in major security breaches
- HTTPS Everywhere, forced browsers to use more secure HTTPS websites whenever possible
- Signal, from Open Whisper Systems (search for it in your app store), for secure encrypted messaging & phone calls
- Tor Browser, makes it harder to trace & track your online activity
- Cybersecurity For The People: How To Protect Yourself At A Protest, a short, informative video on protecting yourself at a protest from The Intercept
- What Vault 7 Means for You & How to Protect Yourself With Encryption, a video guide (with transcript) from Oh Shit! What Now! collective member Kit O’Connell, written for Act Out!
- A DIY Guide to Feminist Cybersecurity, another take on online security form a feminist perspective
- A 70-Day Web Security Action Plan for Artists and Activists Under Siege, a step by step plan for getting more secure
- Communications Security from Riseup.net, don’t be the weak link in your activist plans
- Crash Override Network, resources to prevent doxing or deal with being doxed
- CryptoParty, a great security guide especially if you want to teach others and make it fun
- How to Enable Full-Disk Encryption on Windows 10, unfortunately not compatible with every device
- How to Encrypt Your Android Phone (and Why You Might Want to), remember iOS devices are encrypted automatically, both must be password locked
- How to run a rogue government Twitter account with an anonymous email address and a burner phone, skills that will apply to many anonymous behaviors online
- How Secure Are You with Your Smartphones? tips for smarter use of your smartphone
- How To Set Up Your Own OpenVPN Server, an advanced topic if you want to create & control your own VPN
- Is Your VPN Provider In A 14 Eyes Country? understand why it matters where your VPN is located
- Post-FCC Privacy Rules, Should You VPN? security expert cuts through some BS about the Congress vote on Broadband privacy
- PrivacyTools, a comprehensive guide to being safer online, with the best apps and services for security and anonymity
- Security-in-a-Box, tactics guide to online security
- Simple VPN Comparison Chart, lets you compare the services of dozens of VPN providers
- Sprout Distro’s Zines About Security, a variety of zines offering bite size security learning
- Surveillance Self Defense, the EFF’s guide to protecting yourself online
- Things to Consider When Crossing the US Border, especially important now for all travelers
- Two-factor authentication: What you need to know (FAQ)
- Two Factor Auth List, a list of sites and apps that support two-factor authentication
- Use FileVault to encrypt the startup disk on your Mac
- Which VPN Services Keep You Anonymous in 2017? another guide to choosing the right VPN
- WikiLeaks’ Vault 7 release, which revealed information about the CIA’s cyberweapons
Recommended Virtual Private Networks
These Virtual Private Networks were vetted by Oh Shit! What Now?’s volunteer security consultant. They should be good enough for most uses, but you must do your own research before depending on these VPNs (or any security tools we recommend!) to keep you safe in a high-risk situation.
- BlackVPN — located in foreign jurisdiction, no tracking of users. Generally acknowledged as safe. About $10/month, billed in 1, 3, or 12 month increments.
- Cryptostorm — located in foreign jurisdiction, no tracking of users. Generally acknowledged as safe. Allows anonymous payment methods (good for activists).
- NordVPN — located in foreign jurisdiction, no tracking of users. Generally acknowledged as safe. Billed monthly, 6 months, yearly. Ranges from $5.75/month – $11.95/month.
- VPNarea — located in foreign jurisdiction, no tracking of users. Generally acknowledged as safe. From $4.92/month.
These VPNs are good enough for most purposes, with caveats:
- Mullvad — says they don’t keep any tracking data, in a foreign jurisdiction but one with agreements with U.S. to give up data (if they kept anything). About €5/month.
- VyprVPN –They have an office in Austin, Texas, but are incorporated in Switzerland. Does do some IP address/timestamp tracking. Good for ease of use — has an app & can use on multiple devices. Great if you’re just trying to combat general tracking & don’t need airtight anonymity. $5/mo if billed annually, otherwise $10/mo. Has 3 day free trial.
All original Oh Shit! What Now? materials are copyright free, except where otherwise noted, and can be freely reprinted, shared, and reused. If you’ve got feedback, email us.