DEV Community

Paula
Paula

Posted on

Privacy level up!

A computer for an ordinary user seems to need very less. User friendly interface, fast processing, internet connection, basic office pack, maybe a couple of games... Not a big deal. Most of these computers comes with windows already installed and antivirus, too.

But these characteristics aren't as secure as we may think, even if they are commonly found. If we are looking for a greater security and privacy, there are a few things to take in consideration.

1 - Operating system. We cannot think of privacy without thinking in Linux. Once we have clear we need to install Linux in our machine, the question is "which one?" we will see

2 - TOR, using TOR, as they themselves describe, might not be the solution to all your privacy problems, but it does help quite a lot.

3 - PGP, Virtual Keyboard, VPN, KeePass and other techniques to add to your routine

4 - Protonmail, as a more secure and free alternative for e-mail than gmail and other.

5 - JITSI, as a secure alternative to Skype or videocall services

So which Operating System should we choose? In this case I'm asked to configure the computer itself so it doesn't need to be a live system (I'll configure a pendrive for TAILS live system too in this case, tho, just in case), but we have several options to consider. Qubes, Subgraph, Head or Whonix are some of them.

If we want a further search, I would suggest to take care of these details:

  • Debian or any other stable system based
  • Reasonable windows/desktop manager such as Openbox (and avoid Unity based KDE and similar)
  • Connections to the Internet with TOR
  • Better if they already come with a privacy apps package, but that's only a plus, as we can implement it later.

We can find some good advise in TAILS documentation about programs and privacy tips.

And now, what am I going to do?

  • First of all I'm wiping away Windows, my client already did a backup, if you have valuable things and archives I suggest to do the same. I'm going to install one of the systems above, probably Qubes. I'm also going to set up a TAILS pendrive too.

  • Secondly I'm installing TOR and setting up internet connections to go through it.

  • Third, I'm creating a PGP key for encryption and decryption.

  • Forth, I'm installing KeePass, Virtual Keyboard and similar apps. Also a regular Office pack.

  • Last but not least, I'm creating a documentation cheatsheet, user-friendly so the client can use everything without going crazy.

Top comments (2)

Collapse
 
gregorybodnar profile image
Greg Bodnar

I've just been looking at using PGP/GnuPG to manage my SSH keys. If I set an expiry on the authentication key, such as 1 year, it will encourage me to periodically generate a new key and redeploy them. I've been sitting on old keys for far too long.

Collapse
 
terceranexus6 profile image
Paula

ah! I do the same, setting expiration is a good way to remind us to change the keys. I even set shorter expiration dates.