Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Mean Daddy

Absolute #1: Multifactor Authentication (MFA)

If you’re not using MFA everywhere it’s available, you’re at risk. If you’re doing business with agencies that don’t provide MFA, you should demand that they do. Phone call and text messages ARE NOT SAFE! Do not be lulled into complacency. Phone and SMS factors have been against Federal cyber guidelines since 2015! Implement phishing-resistant MFA everywhere you can.

#2: EVERYTHING you do on your phone can be seen. Everything. I’m not embellishing this. I work in cybersecurity, and what I’ve seen would make the majority of thinking people in this world throw their phones in the trash. Even encrypted peer-to-peer apps such as WhatsApp and Signal have been compromised recently. Do NOT trust your phone for anything important.

#3: Don’t think you’re safe behind a VPN. While many VPNs have been public about not retaining records that could be subpoenaed, there are recent stories about nation state actors, including the CIA & NSA, compromising VPN providers to snoop. A VPN is just a redirect. It masks your source IP, but if they’re able to infiltrate the VPN provider itself, then you’re not anonymous.

#4: Remember this phrase: “Defense in depth.” Utilize VPN but also use a TOR browser along with a custom DNS provider, preferably a local Pi Hole but a public provider from OpenNIC will suffice, and make sure you’re using DNS over HTTPS (DoH). Where you go on the Internet is very easy to discover from DNS queries since almost everything uses names instead of IP addresses. Normal DNS traffic is unencrypted. All it takes is someone doing a packet capture on a network to which you’re attached to find out where you’re going. That includes websites behind HTTPS/TLS.

Using a VPN with TOR and a custom DNS provider is about as strong as you can get to anonymize yourself, but it’s not bulletproof. If the spooks want to figure out who you are, it’s only a matter of time.

#5: STOP USING SOCIAL MEDIA! It’s a cancer on our society and has almost zero redeeming value. It is also the source of a majority of scams, malware, and phishing.


86 posted on 12/24/2024 12:19:11 PM PST by rarestia (“A nation which can prefer disgrace to danger is prepared for a master, and deserves one.” -Hamilton)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: rarestia

Thanks for the information. Regarding MFA, do you recommend using a generator like Microsoft Authenticator vs. text/phone then? Thank you.


91 posted on 12/24/2024 12:54:04 PM PST by Mean Daddy (Every time Hillary lies, a demon gets its wings. - Windflier)
[ Post Reply | Private Reply | To 86 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson