Password Storage When you register an account on a website, a SQL database stores the password. These passwords aren’t securely stored too often, and journalists have caught some big companies storing passwords in plain text. Some sites are marginally better because they encrypt passwords before storing them in a database. This doesn’t provide much additional security if the decryption key and database are on the same server. Anyone worth their salt (pun intended) will use more robust security methods, of which there are two: hashing and hashing with a salt.

Server Hardening This last part of my security and privacy guide is focused on server infrastructure. In particular, I’ll be covering the securing of common services as well as various steps to take that will prevent intruders from easily gaining access. Some of the things mentioned in here can be applied to desktop machines as well. Common Vulnerable Services It’s often the case that people don’t do their basic diligence in fully securing system daemons that are network facing.

Social Media and Mobile Phones This second part of my three part guide specifically focuses on mobile devices, social media use, and how to protect yourself while protesting. The Dilemma with Smart Phones Phones (and to a slightly lesser degree tablets depending on the model) pose a risk to your privacy and security of significantly greater magnitude than any desktop or laptop device. That is why before saying anything more, your best bet is to not make use of any mobile phone if you can get away with it.

Comprehensive Security and Privacy Strategy for 2020 With the plight of the COVID-19 pandemic forcing people to digitize nearly all aspects of their lives, now is the perfect time for a general purpose guide to staying as safe as possible online. This guide has good pointers for just about anyone, but dissidents and journalists in particular should take particular note of this guide and fully implement the suggestions made below. I go highly in depth with application choice and best practices for privacy and security for desktop platforms as well as general services including those that bridge the online/offline divide.