Différences

Ci-dessous, les différences entre deux révisions de la page.

--- tech:privacy_and_security_online [2024/10/05] – [Password Manager] Mathieu
+++ tech:privacy_and_security_online [2024/10/05] (Version actuelle) – [Backing Up and Managing Personal Data] Mathieu
@@ Ligne 4: / Ligne 4: @@
 Our lives are increasingly dependent on the internet and the data we associate with our identities. **Many of us still approach this situation naively**, without a clear understanding of what their online identity represents, the data connected to it, or the risks involved.
+<WRAP center round help 60%>
+Une version française de cette page [[tech:vie_privee_et_securite|se trouve ici]]
+</WRAP>
 Use the information found here at your own risk: **my advice and suggestions should never replace your understanding of the issues** and a strategy tailored to your particular situation. I believe them to be relevant, but **applying them without understanding could lead to more insecurity** than anything else.
@@ Ligne 86: / Ligne 91: @@
 ==== TOR network ====
 <wrap danger>zone 3</wrap>
@@ Ligne 92: / Ligne 98: @@
 </WRAP>
-[[https://www.torproject.org/|TOR]], also known as the //onion network//, routes your internet traffic through several servers (or "nodes") before it reaches its final destination. This makes it much more difficult, if not practically impossible, for anyone to identify the source of the traffic. You may have heard of it in the context of the //dark web//, for which TOR is one of the main protocols. The term is clearly intended to demonize anonymous and secure internet usage, but the phenomenon it describes—parts of the internet inaccessible to both private and state surveillance—does indeed exist. {{:tech:tor-logo-2011-flat.svg.png?nolink&200|}}
+[[https://www.torproject.org/|TOR]], also known as the //onion network//, routes your internet traffic through several servers (or "nodes") before it reaches its final destination. This makes it much more difficult, if not practically impossible, for anyone to identify the source of the traffic. You may have heard of it in the context of the //dark web//, for which TOR is one of the main protocols. The term is clearly intended to demonize anonymous and secure internet usage, but the phenomenon it describes—parts of the internet inaccessible to both private and state surveillance—does indeed exist.
+{{ :tech:tor-logo-2011-flat.svg.png?nolink&200|}}
 **This solution is by far the most secure and anonymous for connecting to the internet**. However, it comes with significant constraints:
@@ Ligne 120: / Ligne 128: @@
 If you're looking for an easy replacement for Chrome, Edge, or Safari without worrying about configuration, it's probably the best solution.
-However, there are reasons you might not want to choose Brave, starting with its integration of a cryptocurrency system((which can easily be disabled)). Some users prefer to avoid Chromium-based solutions, so as not to contribute to the near-monopoly of WebKit((the underlying web rendering engine)) on the web, much like the days of Internet Explorer.
+However, there are reasons you might not want to choose Brave, starting with its integration of a cryptocurrency system((which can easily be disabled)). Some users prefer to avoid Chromium-based solutions, so as not to contribute to the near-monopoly of Blink((the underlying web rendering engine)) on the web, much like the days of Internet Explorer.
 ===== Firefox =====
@@ Ligne 128: / Ligne 136: @@
 {{ :tech:firefox_logo_2019.png?nolink&100|}}
-Firefox also has the advantage of promoting web diversity and interoperability, as it is based on a different engine than Chromium/WebKit.
+Firefox also has the advantage of promoting web diversity and interoperability, as it is based on a different engine than Chromium/Blink.
 Its default configuration is insufficient (from an ASP perspective). Here are [[tech:ffconf|some configuration tips]] to optimize your situation, along with a few useful extensions for this purpose.
@@ Ligne 252: / Ligne 260: @@
 If you can’t use Signal (for example, if your contacts don’t use it), make sure to enable end-to-end encryption in the settings of your messaging app.
+====== Backing Up and Managing Personal Data ======
+<wrap caution>zone 2</wrap>
+**Backing up your data online**, using services like Google Drive, Dropbox, or OneDrive might seem like a good idea from a security standpoint. These services offer several useful features on top of the security provided by backups.
+However, there are several problems with this approach:
+  * **All your data will be scanned**, indexed, and used to profile you and generate profit,
+  * **A synchronization service is not a backup**, and cannot replace one. If you accidentally delete an important file, it will also be deleted from your online sync. If ransomware encrypts your files to extort money in exchange for the decryption key, this encryption will also be propagated to your online sync.
+That being said, **maintaining an up-to-date backup of your data is crucial for security**, unless you have no important data stored digitally.
+Several approaches can help circumvent these issues:
+  * Making backups on **physical media**, such as external hard drives or USB keys. This is a viable approach, but it becomes quite complex when considering the need for regular backups, stored off-site to protect against risks like theft or fire. **This approach requires a lot of discipline and regular rotation of media**, making it a fragile and difficult strategy to implement.
+  * Using an online service, such as those mentioned above, but **encrypting your data** before uploading it to the service. This is a perfectly viable approach, though somewhat complex. You won’t be able to rely on the built-in sync features of mainstream services, and you’ll lose access to features that require unencrypted files (such as sharing or online editing). If you choose this route, it's better to use a "bucket" service like AWS, which will cost less and be better suited for this use case. I personally use [[https://www.backblaze.com/b2/cloud-storage.html|Backblaze B2]],
+{{ :tech:nextcloud_logo.svg.png?nolink&200 |}}.
+  * <wrap danger>zone 3</wrap> Self-hosting your own data storage, synchronization, sharing, and editing service, using a tool like [[https://nextcloud.com|NextCloud]]. This solution is by far the most complex, but it's also the one that gives you the best of both worlds: complete control over your data security, along with sharing and editing features. However, this route is **far more technically demanding** than the previous two.
+====== Going Further ======
+These general tips cover the essential daily concerns regarding ASP, and applying them will place you in a far better position than you likely are by default.
+However, if these issues are important to you, many other stones deserve to be turned.
+==== A Secure Operating System ====
+The operating systems of our computers and phones can have a major impact on our security and privacy:
+  * **Windows is notoriously insecure**, though the situation has improved considerably. Its code is also almost entirely proprietary, and it spies on you without hesitation. In short, avoid it if you care about these issues,
+  * **Mac OS is relatively secure by default**, and far more so than Windows. However, in terms of privacy, Apple’s practices are just as questionable as those of Microsoft.
+  * <wrap caution>zone 2</wrap> Linux is uncommon on desktop computers, and it has a reputation for being difficult((it’s not really that hard, but it certainly requires learning a new paradigm)). It's open-source, which gives it a structural advantage, but **it’s not particularly secure by default**. However, **it's an excellent starting point** for securing your system and controlling your data, for example by encrypting the entire installation.
+  * <wrap danger>zone 3+</wrap> Some **Linux distributions are specialized in security and anonymity**, such as [[https://tails.boum.org|Tails]] or [[https://www.qubes-os.org/|Qubes OS]], **both extremely secure systems that allow for advanced anonymity**, at the cost of significant constraints.
+  * **On smartphones**, the situation is a bit more complex:
+    * By default, **iOS is more secure than most "stock" Android systems** provided by manufacturers,
+    * "Stock" Android, as distributed by Google on Pixel devices and occasionally by some third-party manufacturers (One+, Oppo, Motorola), is on par with iOS in terms of security, but gives you more freedom to do more,
+    * <wrap danger>zone 3</wrap> There are **third-party Android ROMs** that can be installed on certain devices and are focused on security: **[[https://grapheneos.org/|GrapheneOS]] and [[https://calyxos.org/|CalyxOS]]** are particularly notable. These systems are generally more secure than stock Android, but being small projects, they expose you to delayed updates or the risk of disappearing without notice,
+    * **The cellular network itself is a security flaw**, as it **constantly tracks your location**. This location data is not hard to obtain and is available to anyone for a small price,
+    * <wrap caution>zone 2</wrap> A //dumb phone// protects you from the software profiling of apps and services on your smartphone but does not protect you from being located through the cellular network,
+    * <wrap danger>zone 3+</wrap> If you need an anonymous phone that’s hard to track, you can consider using a **prepaid phone**, keeping the number secret, and using the SIM card only to access the data network. You can then use a **VoIP service** over this data network. Note that you are still fully locatable; this just makes it harder to associate you with your cellular number.
+==== Self-Hosting ====
+<wrap danger>zone 3</wrap>
+To avoid entrusting your data and its security to third parties, **one possible approach is to self-host**((yourself or a trusted third party)) **all the services that handle your data**, from email and backups to streaming movies or music.
+This is an approach that’s **very effective but requires a lot of time and work**. For most people, it’s impractical—too difficult, too time-consuming, and perhaps even too risky, as the security of these systems depends entirely on your own knowledge and diligence.
+If this is a path you want to take, I recommend sharing the efforts with a few friends to distribute the work and responsibilities. You'll learn a lot along the way, but you’ll also likely experience some lonely moments :)
+<WRAP center round alert 90%>
+<wrap danger>zone 3+++</wrap> Do not attempt to [[tech:self-hosted_mail-server|self-host your email]] without solid experience with Linux, hosting other web services, command-line tools, strong programming knowledge, and a tested, proven backup plan.
+This is an especially hostile sector, and any configuration error will be exploited faster than you think, potentially within minutes of your mail server going live. **Likely causing significant damage to both you and third parties**.
+</WRAP>
+==== Everything Else ====
+I’ve tried to cover the main issues of online security and anonymity, but each application and service we use is likely to expose us to new risks.
+Applying these tips should give you a solid foundation and a good sense of online security, enabling you to generalize them to other situations. The core principles remain the same, and similar techniques apply:
+  * Prioritize **open-source software and protocols**,
+  * **Limit the permissions** granted to third parties to the bare minimum necessary,
+  * **Minimize exposure** of your data as much as possible,
+  * Identify your needs, **model the risks** you face,
+  * **Know the limitations** of the security measures you rely on,
+  * **Formalize and systematize** your security practices to minimize human error.
+==== Modeling Risks and Developing Appropriate Strategies ====
+These tips are broad, and you may be wondering what is relevant or not in your situation. I won’t delve deeply into risk modeling here, but here are three profiles to help you identify your position:
+=== General Public ===
+<wrap safety>zone 1</wrap>
+You don’t have anything specific to hide, don’t handle sensitive data, and don’t want to invest a lot of time, effort, or money into these issues. You have no reason to be specifically targeted, either by a government or a private actor. **Your main concern is to avoid overly intrusive profiling and protect yourself from criminal attacks**.
+  * Use a password manager and activate 2FA where available,
+  * Use the Brave browser, or configure Firefox if you prefer to support web diversity,
+  * Move your email to Proton Mail,
+  * Think about a backup system for your data, keeping in mind that backups and syncs are not the same.
+=== Increased Security Needs ===
+<wrap caution>zone 2</wrap>
+You are involved in **activism**, handle **sensitive data**, or for some reason, are at risk of being **targeted by malicious actors**:
+  * In addition to a password manager, ensure you only use services compatible with 2FA and that offer either TOTP or physical keys,
+  * Besides transferring your email to a secure service, learn to use [[https://en.wikipedia.org/wiki/GPG|GPG]] and the concept of asymmetric encryption. Ensure your correspondents also use secure services.
+  * Keep up-to-date, encrypted backups, with at least one stored off-site.
+=== Healthy Paranoia ===
+<wrap danger>zone 3</wrap>
+If you suffer from healthy paranoia, whether justified by your activities or the surveillance you’re under, or simply by your own twisted mind, the tips on this page are, of course, applicable but probably not enough. At a minimum, you should:
+  * **Encrypt all your data**, even locally,
+  * Master GPG, asymmetric encryption, and apply a strict policy of encryption and signature,
+  * Have **an anonymous email** created and accessed exclusively via TOR,
+  * Use **a free operating system**, such as Linux, **and** harden its default security settings with TOR, SELinux, and various [[https://privsec.dev/posts/linux/desktop-linux-hardening/|hardening techniques]],
+  * Consider using **a security and anonymity-focused OS, like [[https://tails.boum.org/|Tails]]**,
+  * Leave or at least severely compartmentalize social networks,
+  * Learn to use **anonymity-oriented cryptocurrency**, like [[https://www.getmonero.org/|Monero]],
+  * Stay actively informed about technologies that keep you secure. If an encryption algorithm or service you use is compromised, you want to know about it before a malicious actor exploits it against you.
+==== Resources ====
+If you're looking for relevant resources on these topics, you can check out:
+  * The [[https://www.eff.org/|Electronic Frontier Foundation]] is probably the most important organization addressing these issues,
+  * They provide several practical tools:
+    * [[https://atlasofsurveillance.org/|Atlas of Surveillance]],
+    * [[https://ssd.eff.org/|Surveillance Self-Defense]],
+    * [[https://coveryourtracks.eff.org/|Cover Your Tracks]],
+  * You can also take a look at [[https://www.techlore.tech/|Techlore]], which aims to document and simplify security and privacy for the general public.
+{{tag>Web Cryptography Security Linux}}