You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Believe in technology as a tool for liberation, not enslavement!
┌──┤| SOFTWARE ||
├
├──┤ Primary |
├─ OS: Unstable NixOS
├─ Kernel: Bleeding Edge Xanmod Linux
├─ Init: Systemd
├─ Boot Loader: Systemd-boot
├─ Filesystem: BTRFS with ZSTD level 5 compression
├─ Package Managers: Nix and Flatpak
├─ All Free Software: No
├
├──┤ Research |
├─ OS: Gentoo Linux with full disk encryption (FDE) using LUKS
├─ Project: Hardened Gentoo
├─ Init: Systemd
├─ Boot Loader: Systemd-boot
├─ Kernel: Hardened Linux
├─ Selinux Enabled: Yes
├─ encrypted boot: Yes (cryptboot)
├─ Filesystem: ZFS
├─ Package Managers: Paludis, Portage, Nix, Guix, Flatpak and Snap
├─ All Free Software: Yes
├
└──────────────────────────
Security/Privacy Standards
All the services I use, uses free open source software. I anonymize logs and use full disk encryption to preserve my privacy. My hosting providers are located in Switzerland and Iceland, and supports human rights and freespeech!
My passwords are all random characters long and uses capitcal letters, small letters, numbers, symbols, all languages and extended ASCII characters. I don't reuse passwords. I don't memorize any passwords. I use offline passwords manager called KeepassXC!
My personal email service has replaced the classic asymmetric cryptography (RSA-2048) with quantum-safe hybrid encryption protocol. It combines a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) and an Elliptic-Curve-Diffie-Hellmann key exchange (x25519).
I use my own invented ciphers to remember my master passwords. No passwords are memorized.
I use 2FA (TOTP Based) whenever possible (everywhere basically).
I use Linux (hardened) and free softwares whenever possible.
My BIOS is encrypted. Latest TPM, Secure boot, every security options and mitigations are enabled.
I use hidden Veracrypt volume to ensure Plausible Deniability.
I use privacy respecting extensions/addons in my browser.
I use privacy respecting email service.
I use high encryption settings everywhere.
I use WPA3 with AES-256-Bit security on my router.
I use self-hosted secure DNS services.
I use degoogled android phone with FOSS Apps and Open GAPPS. And I use bromite (FOSS and privacy respecting) webview.
I use disposable zulucrypt instance for USB devices.
I don't connect to open/unsecure networks.
I use privacy/foss respecting frontends.
I compile (from source code form) before using the software whenever possible.
I encrypt files before uploading to hosting platforms.
I use Whonix with multiple gateways when doing extensive research or exploring online content.
I regularly review and update my security configurations and policies.