202040512

- Added Access Now, Algorithmic Justice League, Digital Rights Watch, Open Rights Group, and Restore the Fourth as organizations to get involved with. - Clarified using FDE to protect SSDs and added a warning about third-party Windows ISOs - Added the Social Security Administration's PDF on identity theft as a resource on the Credit Freeze page - Added more information about how passwords can be easily guessed - Added an affiliate link for Hushed
tnonate · May 12, 2024 · d5cddfc · d5cddfc
1 parent cb4079e
commit d5cddfc
Show file tree

Hide file tree

Showing 14 changed files with 45 additions and 4 deletions.
diff --git a/public/images/logos/accessnow.png b/public/images/logos/accessnow.png
diff --git a/public/images/logos/ajl.png b/public/images/logos/ajl.png
diff --git a/public/images/logos/digitalrightswatch.png b/public/images/logos/digitalrightswatch.png
diff --git a/public/images/logos/org.png b/public/images/logos/org.png
diff --git a/public/images/logos/restorethe4th.png b/public/images/logos/restorethe4th.png
diff --git a/src/assets/data/BlogPages.json b/src/assets/data/BlogPages.json
@@ -1,4 +1,9 @@
 [ 
+  {
+    "slug": "protecting-your-privacy-at-a-protest-in-2024",
+    "created": "2024-05-11T17:18:43Z",
+    "title": "Protecting Your Privacy at a Protest in 2024"
+  },
   {
     "slug": "the-best-secure-email-provider-in-2024",
     "created": "2024-05-04T19:55:36Z",

diff --git a/src/assets/data/pages/en/guides/less-important/Voip.json b/src/assets/data/pages/en/guides/less-important/Voip.json
@@ -4,6 +4,7 @@
     "logo": "/images/logos/hushed.png",
     "logo_alt": "Hushed logo",
     "link": "https://hushed.com/",
+	"referral_link": "https://promo.hushed.com/lp/lifetime-3?oid=14&affid=497",
     "pros": [
       "Unlimited numbers",
       "International calling",

diff --git a/src/assets/data/pages/en/links/GetInvolved.json b/src/assets/data/pages/en/links/GetInvolved.json
@@ -1,9 +1,24 @@
 [
+  {
+    "name": "Access Now",
+    "link": "https://www.accessnow.org/",
+    "img": "/images/logos/accessnow.png"
+  },
+  {
+    "name": "The Algorithmic Justice League",
+    "link": "https://www.ajl.org/",
+    "img": "/images/logos/ajl.png"
+  },
   {
     "name": "Big Brother Watch",
     "link": "https://bigbrotherwatch.org.uk/",
     "img": "/images/logos/bigbrotherwatch.png"
   },
+  {
+    "name": "Digital Rights Watch",
+    "link": "https://digitalrightswatch.org.au",
+    "img": "/images/logos/digitalrightswatch.png"
+  },
   {
     "name": "The Electronic Frontier Foundation (EFF)",
     "link": "https://www.eff.org/",
@@ -24,11 +39,21 @@
     "link": "https://www.fightforthefuture.org/",
     "img": "/images/logos/fftf.png"
   },
+  {
+    "name": "Open Rights Group",
+    "link": "https://www.openrightsgroup.org/",
+    "img": "/images/logos/org.png"
+  },
   {
     "name": "Privacy International",
     "link": "https://privacyinternational.org/",
     "img": "/images/logos/privacy-international.png"
   },
+  {
+    "name": "Restore the Fourth",
+    "link": "https://restorethe4th.com/",
+    "img": "/images/logos/restorethe4th.png"
+  },
   {
     "name": "The Surveillance Technology Oversight Project (STOP)",
     "link": "https://www.stopspying.org/",

diff --git a/src/assets/data/pages/en/support/Affiliate.json b/src/assets/data/pages/en/support/Affiliate.json
@@ -5,6 +5,12 @@
     "img": "/images/logos/filen.png",
     "subtext": "Cloud storage"
   },
+  {
+    "name": "Hushed",
+    "link": "https://promo.hushed.com/lp/lifetime-3?oid=14&affid=497",
+    "img": "/images/logos/hushed.png",
+    "subtext": "Voice-over-IP provider"
+  },
   {
     "name": "Mega",
     "link": "https://mega.nz/aff=UBJLjO7sxZU",

diff --git a/src/pages/en/guides/moderately-important/desktop-settings.mdx b/src/pages/en/guides/moderately-important/desktop-settings.mdx
@@ -142,4 +142,6 @@ Even with all the third-party software, tweaks, and changes we've made to the op
 
 Just as with [phones](/guides/moderately-important/mobile-habits), **I encourage you to have as few apps, programs, and files as possible on your computer.** Sometimes this is either impossible or just not a reasonable request but, for example, you can use your browser instead of an app to access Netflix or Hulu. I also encourage you to regularly look for and get rid of files you no longer want or need, such as photos of exes or documents you downloaded once so you could print them off. This could potentially be dangerous if your device falls into the wrong hands.
 
-Keep in mind that forensic software can still often recover "deleted" items so if you have anything you want gone for good, be sure to perform a disk wipe, which is offered by Bleachbit. Don't do disk wipes on Solid State Drives as this will shorten their lifespans.
+Keep in mind that forensic software can still often recover "deleted" items so if you have anything you want gone for good, be sure to perform a disk wipe, which is offered by Bleachbit. Don't do disk wipes on Solid State Drives as this will shorten their lifespans. Instead, [full disk encryption](/guides/moderately-important/devices/) is your best defense.
+
+Although I have recommended W10 Privacy and WindowsSpyBlocker for Windows, there are other similar offerings. Whatever you use, be sure to vet it carefully and make sure it is trusworthy. Many modification scripts and third-party variations of Windows can include security vulnerabilities you may not be aware of, such as [AtlasOS](https://www.vice.com/en/article/m7bv4b/windows-for-gamers-rolls-dice-with-your-security-atlasos), which claims to improve Windows performance for gamers but does so at the cost of numerous security features.
diff --git a/src/pages/en/guides/moderately-important/metadata.mdx b/src/pages/en/guides/moderately-important/metadata.mdx
@@ -22,7 +22,7 @@ Metadata is often described as “data about the data.” For example, the conte
 - They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's number later that day. But nobody knows what you spoke about.
 - They know you got an email from an HIV testing service, then called your doctor, then visited an HIV support group website in the same hour. But they don't know what was in the email or what you talked about on the phone.
 - They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
-  (Lifed directly from EFF's [Surveillance Self Defense](https://www.eff.org/deeplinks/2013/06/why-metadata-matters) page)
+- _(This section lifed directly from EFF's [Surveillance Self Defense](https://www.eff.org/deeplinks/2013/06/why-metadata-matters) page)_
 
 </Highlighting>
 

diff --git a/src/pages/en/guides/most-important/credit.mdx b/src/pages/en/guides/most-important/credit.mdx
@@ -29,3 +29,5 @@ Unfortunately, some people have discovered that **a freeze can be circumvented w
 **If you have children - even if they are minors - be sure to freeze their credit as well.** Identity theft of [minors](https://www.javelinstrategy.com/coverage-area/2018-child-identity-fraud-study) is a lucrative and growing area of cybercrime because most children do not have any negative marks (except for not having any credit) and it can potentially take years for anyone to notice the crime has even occurred.
 
 **Once you have frozen your credit, be sure to request and examine a credit report from each agency regularly to check for any errors.** In the US you can do this for free once per week at [Annual Credit Report.com](https://www.annualcreditreport.com/index.action) (this will give you the full report, but not the score, no account is required). I have found that due to my increased privacy lifestyle, I am sometimes forced to submit additional verification paperwork via "snail mail." Sometimes simply turning off my [VPN](/guides/less-important/vpns) will be enough to let me do the entire process digitally. Regardless, in the past the conventional wisdom was to request each report once per year, staggering them every four months. This was because up until 2023, these reports were only available for free once per year. Since then, each credit agency has [committed](https://www.businessinsider.com/personal-finance/credit-bureaus-make-free-weekly-credit-reports-permanent-2023-9) to providing them weekly. How often you should check them is up to you, though I would recommend at least once every four months as before.
+
+**For additional resources related to identity theft** including how to spot scams and what to do if you believe you've become a victim of identity theft, I recommend checking out the Social Security Administration's short PDF, "[Identity Theft and Your Social Security Number](https://www.ssa.gov/pubs/EN-05-10064.pdf)."
diff --git a/src/pages/en/guides/most-important/mobile-settings.mdx b/src/pages/en/guides/most-important/mobile-settings.mdx
@@ -112,6 +112,6 @@ See my criteria for this page [here](/criteria#mobile-settings--apps).
 - Google: Disable everything (exception: enable "Opt out of Ads Personalization")
 - Any settings not covered are personal preference and are unlikely to cause any privacy or security issues no matter how you set them.
 - **_Note:_** _it is possible to use an Android device without ever signing into a Google account for added privacy. This must be done during device setup. You can use [F-Droid](https://f-droid.org/) (or another client such as F-Droid Basic) to procure many [open source](/guides/prologue/open-source) apps, and [Aurora Store](https://auroraoss.com) as a proxy for the Play Store for anything else you can't get on F-Droid. Note that with Aurora you will not be able to use Google to process app-related payments such as subscriptions or one-time payments to download the app. In these cases, it should be possible to sign into the Play Store exclusively without signing into Google on the entire device._
-- **_Note:_** _Android in particular is capable of a number of powerful, privacy- and security-enhancing strategies that iOS is not, such as the aforementioned "no account required," alternative app stores, sideloading, user profiles, and much more. Some of these are advanced techniques, but not all, though many of them fall outside the scope of this site. For those using or considering an Android device, I strongly encourage you to check out Privacy Guide's [Android page](https://www.privacyguides.org/android/) to get an idea of some of the things your phone is capable of._
+- **_Note:_** _Android in particular is capable of a number of powerful, privacy- and security-enhancing strategies that iOS is not, such as the aforementioned "no account required," alternative app stores, sideloading, user profiles, and much more. Some of these are advanced techniques, but not all, though many of them fall outside the scope of this site. For those using or considering an Android device, I strongly encourage you to check out Privacy Guide's [Android page](https://www.privacyguides.org/en/android/) to get an idea of some of the things your phone is capable of._
 
 By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.
diff --git a/src/pages/en/guides/most-important/passwords.mdx b/src/pages/en/guides/most-important/passwords.mdx
@@ -18,7 +18,7 @@ A password manager is a program or service that allows you to store login inform
 
 ## Why do I Need a Password Manager?
 
-**The single most important thing you can do to protect your accounts is to use strong, unique passwords that are not reused anywhere.** Weak passwords can be easily decrypted using off-the-shelf computers, usually in a matter of minutes or seconds, and even a strong password reused across multiple services can be unsafe as some companies are still not using [proper measures](https://www.bleepingcomputer.com/news/security/misconfigured-firebase-instances-leaked-19-million-plaintext-passwords/) in securing your passwords on their sites. Using a strong, unique password on each service will make your accounts practically impossible to hack this way. **A [strong password](https://protonmail.com/blog/how-long-should-my-password-be/) should consist of sixteen or more characters consisting of upper and lower case letters, numbers, and special characters, and should not be reused on any other accounts.** Of course, this means that a good password is impossible to remember, so the solution is to use a password manager. By using a password manager, you only ever have to remember a single password: the master password to login.
+**The single most important thing you can do to protect your accounts is to use strong, unique passwords that are not reused anywhere.** Weak passwords can be [easily guessed](https://www.euronews.com/next/2024/05/11/how-long-does-it-take-a-hacker-to-crack-a-password-in-2024) using off-the-shelf computers, usually in a matter of minutes or seconds, and even a strong password reused across multiple services can be unsafe as some companies are still not using [proper measures](https://www.bleepingcomputer.com/news/security/misconfigured-firebase-instances-leaked-19-million-plaintext-passwords/) in securing your passwords on their sites. Using a strong, unique password on each service will make your accounts practically impossible to hack this way. **A [strong password](https://protonmail.com/blog/how-long-should-my-password-be/) should consist of sixteen or more characters consisting of upper and lower case letters, numbers, and special characters, and should not be reused on any other accounts.** Of course, this means that a good password is impossible to remember, so the solution is to use a password manager. By using a password manager, you only ever have to remember a single password: the master password to login.
 
 ## What Should I Look For in a Password Manager?