Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
163 lines (162 sloc) 7.18 KB
general:
discord: (See `discord.yml` settings)
email: Create a separate account for your Twitch persona
messaging: Disable link previews; prevents auto-loading
social_media: (See `social-media/` settings)
privacy:
browsers:
_:
- Disable autocomplete in forms and websites
- Purge browsing history on quit
- Use DuckDuckGo as search engine
chrome:
_:
- Hide/change log-in username
- You can also use Chrome Canary as your stream browser
settings:
_:
on_startup: Do not select "Continue where you left off"
resolve_navigation_errors: false
predict_complete_searches_and_urls: false
use_prediction_service: false
protect_from_dangerous_sites: true
do_not_track: true
resolve_spelling_errors_online: false
content_settings:
location: &ask Ask before accessing
camera: *ask
microphone: *ask
flash: Block sites from running Flash
autofill: false
firefox:
preferences:
search:
engine: DuckDuckGo
bar: Use address field
search_suggestions: false
privacy_and_security:
history:
general: Use custom settings for history
always_use_private_browsing_mode: false
remember_browsing_and_download: false
remember_search_and_form: false
accept_third_party_cookies: From visited
address_bar_suggest: false
tracking_protection: Always
do_not_track: Always
firefox_account:
sync_history: false
new_tab_preferences: clear all
aboutconfig:
media.autoplay.enabled: false
clocks: Reveal your timezone when shown on stream
ios:
settings:
notifications:
messages: # Consider the same for other apps
options:
show_previews: false # Hides message text on locked phones
general:
display_and_brightness:
autolock: 5m
siri_and_search:
allow_siri_when_locked: false # Can be abused a lot
touch_id_and_passcode:
passcode:
- Use Touch/Face ID and/or a unique, alphanumeric passcode
- Tap on "Change Passcode" and then "Passcode Options" and select "Custom Alphanumeric Code"
require_passcode: After 15m or less. Make it less if you use Touch/Face ID
allow_access_when_locked: Decide these for yourself. Make sure Siri is off, though
privacy:
advertising: Limit Ad Tracking and Reset Advertising Identifier
passwords_and_accounts:
autofill_passwords: Enable your password manager here for ease of use
messages:
message_filtering:
filter_unknown_senders: true
obs:
automatic_scene_switching: false
use_interstitial_scene_when:
- Downloading (download history, recent download folder)
- Opening unknown link
- Opening and navigating new name (IP, real name, e-mail, etc)
- Logging in and filling out forms
- Purchasing something
studio_mode: true # Previews next scene which reveals any privacy leaks
paypal: Create business account for receiving AND making donations
slack: Workspaces can leak your IP :/
twitch:
chat: Don't click links; might be created to get your IP
connections: Connect your Steam account will publicly link it to your Twitch account
videogames:
_: Never send nor accept Real ID/full-name requests
battlenet:
account_management:
security_and_privacy:
- https://eu.battle.net/account/management/settings/privacy-options.html
- Disable Real ID
- Disable friend-of-friend suggestion
parental_controls:
- https://eu.battle.net/account/parental-controls/index.html
- It's possible you can lock down your account more with this
client: Your real name is shown when you send invitations. Can't be disabled. :/
epic_games: It's currently not possible to change your e-mail address, keep that in mind
netcode:
- Games with P2P netcode leak your IP
- Same: Disable VoIP-based voice chat
- Same: Don't use Steam Voice Chat calls
ps4: Do not enter (and show) your own Real Name; split your pseudonym in two
steam:
- Default interface shows your Steam ID
- Use Family Sharing for separate friends and communities
- Make sure your alias and alias history are correct
- Tips to hide your Steam ID from viewers at https://cygnatus.com/guide/tools/#h-steam-privacy-issues
vpn:
_: With a two-PC setup, you can a least use it on the streaming PC
clients:
- Freedome
- No VPN is probably better than a bad VPN
windows:
_: Use streamer name as Windows username
file_explorer: Disable recently/frequently used files/folders in Quick access
personalisation:
start:
show_suggestions: false
show_recently_opened_items: false
security:
2fa:
- Buy two U2F-compatible YubiKeys for authentication
- Enable two-factor authentication everywhere you go
- Phone numbers are the worst kind of 2FA
- Use app-based or hardware key-based 2FA
- techsolidarity.org/resources/security_key_gmail.htm
chrome: Check browser extensions in `apps.yml`
credit_card: Don't allow PSN and Steam to store your credit card info
passwords:
- Get a password manager. 1Password has the best reputation
- Consider using a separate account for this
- Otherwise you risk exposing other website logins if you show your browser
- Consider using passphrases instead of passwords
- arstechnica.com/?p=36389
ios: (See the privacy section above)
videogames:
2fa: # Some clients that support 2FA (see security.2fa below) and their auth
- Battle.net (app)
- Epic Games (e-mail)
- Steam (app)
router:
- Update firmware
- Disable UPnP
- Disable WPS
- Enable IPsec
- Use WPA2 encryption
- routersecurity.org/checklist.php
software: Uninstall Java (JRE)
windows10:
_: UAC at max
defender: Enable real-time protection under Virus & thread protection
update:
- Don't put off updates
- Configure your active hours in advance
- Run update when you know you have the time
windows<10: Install EMET