User:Vincentule/ModernSecurityProtectionGuide

From ArchWiki

The translation of this article or section does not reflect the original text.

Reason: This article uses machine translation; if anything is inappropriate, please correct it.
Warning: This article is reproduced in Modern Privacy Protection Guide-Arch Linux Studio, under the CC-BY-NC-ND 4.0 license.

This guide provides a more complete set of privacy protection solutions for pro-democracy activists, dissidents under authoritarian/dictatorial authorities, trade unionists, and anyone who recognizes the value of privacy to individuals. This project draws heavily on the blogs of Digital-Privacy, 编程随想, and iyouport.

Note: The content of this book is not expressly directed at any one country. What you need to guard against depends on your location, the makeup of the country you are in, and how speech is treated there. In any environment where sensitive data is generated, disable all applications and websites of companies or institutions under authoritarian/dictatorial governments, and choose applications from other countries that have no close ties or cooperation with those governments. That way, even if your private and sensitive information is collected by them, it will not pose a serious threat to your personal safety. The exception: if you have enough influence, it is dangerous to use any centralized or not fully anonymous method, because it is entirely possible for governments to use "hostage exchanges" and various "flexible diplomacy" means to trade data on the people they want to arrest.

Concise advice

Note: Relying on concise advice alone is discouraged; in the privacy field, it is worth spending a lot of time researching and practicing.

1. The device with the most serious privacy violations and surveillance is the mobile phone. Proprietary software such as WeChat, Tencent QQ, Alipay, Taobao, Sogou input method, and the National Anti-Fraud Center app is the main source of such behavior. We recommend that you use comparable free software instead. Given that the vast majority of people cannot escape the proprietary software mentioned above, you can prepare more than two mobile devices and use the device with the proprietary software only for communication without sensitive content. The same applies to personal computers.

2. Use different nicknames and avatars on each social, video, news and other platform. In particular, your presence on platforms in democracies must be cleanly separated from your presence on platforms in authoritarian/dictatorial countries.

3. Do not use identical or similar passwords on multiple platforms. It is possible to use a password manager, but doing so requires constant, close attention to the security of the password manager itself. In fact, using a good physical password pad is also a good option.

4. Always distrust the clarifications and statements made by companies after their misdeeds are exposed. Don't trust any company that claims not to do evil.

5. Control your desire to show off on various platforms. The fewer traces you leave on the network, the safer you are from being tracked.

6. Try not to use the browser's "remember password" function. There are many forensic tools for browsers, and it is easy to extract cookies, browsing records, saved passwords, etc. The "remember password" feature of browsers in authoritarian/dictatorial countries must not be used.

7. Don't assume that using a virtual machine and a VPN makes you safe. WebRTC IP leaks, browser and canvas fingerprints, DNS leaks, system time, browser 0-days, etc. can all reveal certain information that can be traced back to you.

8. Clean up the accumulated information such as emails, text messages, call records, recycle bins, etc. on a regular or irregular basis.

You should not use proprietary software or services

A link to a detailed explanation of proprietary software has been given above. In most scenarios, you can also simply understand it as software that does not release its source code. Examples include much of the software on mobile phones, such as WeChat and Alipay, and much of the software on PCs, such as 360 Guardian and Microsoft Office. They are the greatest threat to personal privacy and security.

Many users think that such proprietary software can be used safely as long as they do not grant the permissions it requests. This idea is very naive. As long as the software can connect to the Internet, it can record and report the data and metadata that users generate while using it. At the same time, a personal mobile phone is itself a device full of vulnerabilities, and there are many ways to obtain private personal information from it.

Regarding metadata, here is a more detailed explanation. Unlike ordinary data, such as chat records or files stored on the machine, metadata does not contain the data content itself but records other information related to that data: when a communication takes place, when the device is turned on and off, whom the mobile phone user communicates with and during which time period, when the user opens WeChat, what functions are used in WeChat, and so on. Metadata may seem less valuable than the actual data, but it is still powerful enough to allow authoritarian government surveillance agencies to easily obtain information about a natural person.

We recommend that readers use open source alternatives to the relevant proprietary software. If you have an Android phone, you can install the F-Droid open source app store, then find and install all kinds of open source software. If you have to use proprietary software for practical reasons (for example, in China, it would be impossible to do anything without the health code function provided by WeChat or Alipay), then installing it on a separate device may be the best option at present.