From d0c1e81094fe2cf0f1501973bf8a7f29cad7fff0 Mon Sep 17 00:00:00 2001 From: 0x0102121wqs <108590577+0x0102121wqs@users.noreply.github.com> Date: Wed, 13 Jul 2022 02:35:26 +0300 Subject: [PATCH 1/6] Remove track ref - Links with referential content may violate privacy. so i removed it --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 38304c8..53d48f0 100644 --- a/README.md +++ b/README.md 
@@ -180,7 +180,7 @@ Although well-established encryption methods are usually very secure, if the pas | Provider | Description | | --- | --- | **[Librewolf](https://librewolf-community.gitlab.io/)** | Librewolf is an independent β€œfork” of Firefox, with the primary goals of privacy, security and user freedom. It is the community run successor to LibreFox -**[Brave Browser](https://brave.com/?ref=ali721)** | Brave Browser, currently one of the most popular private browsers - it provides speed, security, and privacy by blocking trackers with a clean, yet fully-featured UI. It also pays you in [BAT tokens](https://basicattentiontoken.org/) for using it. Brave also has Tor built-in, when you open up a private tab/ window. +**[Brave Browser](https://brave.com)** | Brave Browser, currently one of the most popular private browsers - it provides speed, security, and privacy by blocking trackers with a clean, yet fully-featured UI. It also pays you in [BAT tokens](https://basicattentiontoken.org/) for using it. Brave also has Tor built-in, when you open up a private tab/ window. **[Firefox](https://www.mozilla.org/firefox)** | Significantly more private, and offers some nifty privacy features than Chrome, Internet Explorer and Safari. After installing, there are a couple of small tweaks you will need to make, in order to secure Firefox. For a though config, see [@arkenfox's user.js](https://github.com/arkenfox/user.js/). You can also follow one of these guides by: [Restore Privacy](https://restoreprivacy.com/firefox-privacy/) or [12Bytes](https://12bytes.org/7750) **[Tor Browser](https://www.torproject.org/)** | Tor provides an extra layer of anonymity, by encrypting each of your requests, then routing it through several nodes, making it near-impossible for you to be tracked by your ISP/ provider. It does make every-day browsing a little slower, and some sites may not work correctly. 
As with everything there are [trade-offs](https://github.com/Lissy93/personal-security-checklist/issues/19) From 816968c9bf48670a62fe7d767e7f72c0d96b8756 Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Wed, 13 Jul 2022 12:36:11 +0100 Subject: [PATCH 2/6] Adds automations to notify if domain expiring --- .github/workflows/check-domain.yml | 42 ++++++++++++++++++++ .github/workflows/welcome-non-stargazers.yml | 18 +++++++++ 2 files changed, 60 insertions(+) create mode 100644 .github/workflows/check-domain.yml create mode 100644 .github/workflows/welcome-non-stargazers.yml diff --git a/.github/workflows/check-domain.yml b/.github/workflows/check-domain.yml new file mode 100644 index 0000000..542dc77 --- /dev/null +++ b/.github/workflows/check-domain.yml 
@@ -0,0 +1,42 @@ +# Checks domain and SSL status, then raises an issue if either is expiring soon +name: 🌎 Check Domain Expiry +on: + workflow_dispatch: + schedule: + - cron: '0 5 * * 6' # Every Saturday morning. +jobs: + check-domain: + runs-on: ubuntu-latest + name: Check domain + strategy: + matrix: + domain: + - https://awesome-privacy.xyz + steps: + - name: Check domain SSL and registry expire date + id: check-domain + uses: codex-team/action-check-domain@v1 + with: + url: ${{ matrix.domain }} + - name: Raise issue if domain expiring soon + if: ${{ steps.check-domain.outputs.paid-till-days-left && steps.check-domain.outputs.paid-till-days-left < 30 }} + uses: rishabhgupta/git-action-issue@v2 + with: + token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + assignees: Lissy93 + title: '[WEBSITE] Domain Expiring Soon' + body: > + **Priority Notice** + Domain, ${{ matrix.domain }} will expire in ${{ steps.check-domain.outputs.paid-till-days-left }} days. + @Lissy93 - Please take action immediately to prevent any downtime + - name: Raise issue if SSL Cert expiring soon + if: ${{ steps.check-domain.outputs.ssl-expire-days-left && steps.check-domain.outputs.ssl-expire-days-left < 14 }} + uses: rishabhgupta/git-action-issue@v2 + with: + token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + assignees: Lissy93 + title: '[WEBSITE] SSL Cert Expiring Soon' + body: > + **Priority Notice** + The SSL Certificate for ${{ matrix.domain }} will expire in ${{ steps.check-domain.outputs.ssl-expire-days-left }} days, on ${{ steps.check-domain.outputs.ssl-expire-date }}. + @Lissy93 - Please take action immediately to prevent any downtime diff --git a/.github/workflows/welcome-non-stargazers.yml b/.github/workflows/welcome-non-stargazers.yml new file mode 100644 index 0000000..57091ec --- /dev/null +++ b/.github/workflows/welcome-non-stargazers.yml 
@@ -0,0 +1,18 @@ +name: ⭐ Hello non-Stargazers +on: + issues: + types: [opened] +jobs: + check-user: + if: ${{ github.event.comment.author_association != 'CONTRIBUTOR' }} + runs-on: ubuntu-latest + name: Add comment to issues opened by non-stargazers + steps: + - name: comment + uses: qxip/please-star-light@v4 + with: + token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + autoclose: false + message: | + If you're enjoying Awesome-Privacy, consider dropping us a ⭐
+ _πŸ€– I'm a bot, and this message was automated_ From 224dfe37416f0ec8d468465a1ab755e9cab215bd Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Wed, 13 Jul 2022 16:39:03 +0100 Subject: [PATCH 3/6] Updates browser extensions, F-Droid, Thunderbird Closes #15 Closes #16 Closes #17 Closes #18 --- README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4dd1366..11bf73a 100644 --- a/README.md +++ b/README.md 
@@ -290,7 +290,7 @@ Email clients are the programs used to interact with the mail server. For hosted | Provider | Description | | --- | --- | -**[Mozilla Thunderbird](https://www.thunderbird.net)** (Desktop) | Free and open source email application developed and backed by Mozilla -it's secure, private easy and customizable. The [Enigmail](https://www.enigmail.net) add-on allows for easy encryption/ decryption of PGP messages, and the [TorBirdy](https://trac.torproject.org/projects/tor/wiki/torbirdy) extension routes all traffic through the Tor network. +**[Mozilla Thunderbird](https://www.thunderbird.net)** (Desktop) | Free and open source email application developed and backed by Mozilla -it's secure, private easy and customizable. ~~The [Enigmail](https://www.enigmail.net) add-on allows for easy encryption/ decryption of PGP messages~~ (as of V 78.2.1 encryption is built in), and the [TorBirdy](https://trac.torproject.org/projects/tor/wiki/torbirdy) extension routes all traffic through the Tor network. **[eM Client](https://www.emclient.com/)** (Desktop) | Productivity-based email client, for Windows and MacOS. eM Client has a clean user interface, snappy performance and good compatibility. There is a paid version, with some handy features, including snoozing incoming emails, watching for replies for a specific thread, message translation, send later, and built-in Calendar, Tasks, Contacts and Notes. Note, eM Client is propriety, and not open source **[RainLoop](http://www.rainloop.net)** (Web) | Simple, modern, fast web-based mail client **[RoundCube](https://roundcube.net)** (Web) | Browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an email client, including MIME support, address book, folder manipulation, message searching and spell checking 
@@ -413,7 +413,10 @@ The following browser add-ons give you better control over what content is able [Extension source viewer](https://addons.mozilla.org/en-US/firefox/addon/crxviewer) is a handy extension for viewing the source code of another browser extension, which is a useful tool for verifying the code does what it says #### Word of Warning -*Be careful when installing unfamiliar browser add-ons, since some can compromise your security and privacy. At the time of writing, the above list were all open source, verified and 'safe' extensions. Having many extensions installed can cause your fingerprint to be more unique, hence making tracking easier. In most situations, only a few of the above extensions will be needed in combination.* +- _Having many extensions installed raises entropy, causing your fingerprint to be more unique, hence making tracking easier._ +- _Much of the functionality of the above addons can be applied without installing anything, by configuring browser settings yourself. For Firefox this is done in the user.js_ +- _Be careful when installing unfamiliar browser add-ons, since some can compromise your security and privacy. At the time of writing, the above list were all open source, verified and 'safe' extensions._ +- _In most situations, only a few of the above extensions will be needed in combination._ **See also** [Browser & Search Security Checklist](https://github.com/Lissy93/personal-security-checklist/blob/master/README.md#browser-and-search) 
@@ -448,6 +451,7 @@ The following browser add-ons give you better control over what content is able **[AFWall+](https://github.com/ukanth/afwall/)** | Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices, which provides very fine-grained control over which Android apps are allowed to access the network **[Catch the Man-in-the-Middle](https://play.google.com/store/apps/details?id=me.brax.certchecker)** | Simple tool, that compares SHA-1 fingerprints of the the SSL certificates seen fron your device, and the certificate seen from an external network. If they do not match, this may indicate a man-in-the-middle modifying requests **[RethinkDNS + Firewall](https://github.com/celzero/rethink-app)** | An open-source ad-blocker and firewall app for Android 6+ (does not require root) +**[F-Droid](https://f-droid.org/)** | F-Droid is an installable catalogue of FOSS applications for Android. The client enabled you to browse, install, and keep track of updates on your device #### Word of Warning Too many installed apps will increase your attack surface - only install applications that you need 
@@ -1317,7 +1321,8 @@ For 1-off malware scans on Windows, [MalwareBytes](https://www.malwarebytes.com) #### Word of Warning For Microsoft Windows, Windows Defender provides totally adequate virus protection in most cases. These tools are intended for single-use in detecting/ removing threats on an infected machine, and are not recommended to be left running in the background, use portable editions where available. -Many anti virus products have a history of introducing vulnerabilities themselves, and several of them seriously degrade the performance of your computer, as well as decrease your privacy. Never use a free anti-virus, and never trust the companies that offer free solutions, even if you pay for the premium package. This includes (but not limited to) Avast, AVG, McAfee and Kasperky. For AV to be effective, it needs intermate access to all areas of your PC, so it is important to go with a trusted vendor, and monitor it's activity closely. Read more about why you shouldn't use [Anti-Spy Tools, on Windows](https://as93.link/gjlj4). +Many anti virus products have a history of introducing vulnerabilities themselves, and several of them seriously degrade the performance of your computer, as well as decrease your privacy. Never use a free anti-virus, and never trust the companies that offer free solutions, even if you pay for the premium package. This includes (but not limited to) Avast, AVG, McAfee and Kasperky. For AV to be effective, it needs intermate access to all areas of your PC, so it is important to go with a trusted vendor, and monitor it's activity closely. +
@@ -1641,6 +1646,7 @@ If you found this project helpful, consider dropping us a star, and sharing with [amiunique-firefox]: https://addons.mozilla.org/en-US/firefox/addon/amiunique [//]: # (ANDROID APP LINKS) +[NetGuard]: https://play.google.com/store/apps/details?id=eu.faircode.netguard [Island]: https://play.google.com/store/apps/details?id=com.oasisfeng.island [Orbot]: https://play.google.com/store/apps/details?id=org.torproject.android [Bouncer]: https://play.google.com/store/apps/details?id=com.samruston.permission From 80dd89fcf17d8b9d9b32a7cf2b991d5938f6e529 Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Wed, 13 Jul 2022 16:40:00 +0100 Subject: [PATCH 4/6] Adds plaintext accounting tools (#14) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 11bf73a..a06e9a8 100644 --- a/README.md +++ b/README.md 
@@ -1147,6 +1147,7 @@ Note that credit card providers heavily track transaction metadata, which build **[EasyBudget](https://play.google.com/store/apps/details?id=com.benoitletondor.easybudgetapp)** (Android) | Clean and easy-to-use app open source budgeting app. It doesn't have all the features that alternatives offer, but it does simple budget management and planning very effectively **[HomeBank](http://homebank.free.fr)** (Desktop) | Desktop personal financial management option. Great for generating charts, dynamic reports and visualising transactions. HomeBank makes it easy to import financial data from other software (Quick Books, Microsoft Money etc) and bank accounts (in OFX/QFX, QIF, CSV format), and has all the essential features you'd expect. Available on Linux and Windows (and a 3rd-party port for Mac OS) **[GnuCash](https://www.gnucash.org)** (Desktop) | Full-featured cross-platform accounting application, which works well for both personal and small business finance. First released in 1998, GnuCash is long standing and very stable, and despite a slightly dated UI, it's still a very popular option. Originally developed for Linux, GnuCash is now available for Windows, Mac and Linux and also has a well rated official [Android app](https://play.google.com/store/apps/details?id=org.gnucash.android&hl=en) +**[Plain Text Accounting](https://plaintextaccounting.org)** | Plain text accounting is a way of doing bookkeeping / accounting with plain text files and scriptable, command-line-friendly software, such as Ledger](https://www.ledger-cli.org), [hledger](https://hledger.org/), [Beancount](https://github.com/beancount/beancount) and [more](https://plaintextaccounting.org/#pta-apps). Unlike other tools, you have full control over your data, and are not tied to a particular vendor #### Notable Mentions Spreadsheets remain a popular choice for managing budgets and financial planning. 
[Collabora](https://nextcloud.com/collaboraonline) or [OnlyOffice](https://nextcloud.com/onlyoffice) (on [NextCloud](https://nextcloud.com)), [Libre Office](https://www.libreoffice.org) and [EtherCalc](https://ethercalc.net) are popular open source spread sheet applications. [Mintable](https://github.com/kevinschaich/mintable) allows you to auto-populate your spreadsheets from your financial data, using publicly accessible API - mitigating the requirement for a dedicated budgeting application. From bd28fc35e5fa922808cd2410b709a0c9e70d020c Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Wed, 13 Jul 2022 16:43:59 +0100 Subject: [PATCH 5/6] Adds OVPN under VPNs (#12) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a06e9a8..11b5d02 100644 --- a/README.md +++ b/README.md 
@@ -507,6 +507,7 @@ VPNs are good for getting round censorship, increasing protection on public WiFi **[Azire](https://www.azirevpn.com/)** | Azire is a Swedish VPN provider, who owns their own hardware with physically removed storage and a no logging policy. Pricing starts at €3.25/mo, with crypto (including XMR) supported. Note that they've not yet been audited, and client applications are not open source, for more info, see [#140](https://github.com/Lissy93/personal-security-checklist/issues/140). **[IVPN](https://www.ivpn.net/)** | Independently Security Audited VPN with anonymous signup, no logs, no cloud or customer data stored, open-source apps and website. Strong ethics: no trackers, no false promises, no surveillance ads. Accepts various payment methods including crypotcurrencies. **[ProtonVPN](https://protonvpn.com/)** | From the creators of ProtonMail, ProtonVPN has a solid reputation. They have a full suit of user-friendly native mobile and desktop apps. ProtonVPN is one of the few "trustworthy" providers that also offer a free plan +**[OVPN](https://www.ovpn.com/)** | A court-proven VPN service with support for Wireguard and OpenVPN support, and optional ad-blocking. Running on dedicated hardware, with no hardrives #### Word of Warning - *A VPN does not make you anonymous - it merely changes your public IP address to that of your VPN provider, instead of your ISP. Your browsing session can still be linked back to your real identity either through your system details (such as user agent, screen resolution even typing patterns), cookies/ session storage, or by the identifiable data that you enter. [Read more about fingerprinting](https://pixelprivacy.com/resources/browser-fingerprinting/)* From 34fa21853591de4592ff4f7f93887e73ea6e5f01 Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Wed, 13 Jul 2022 17:26:44 +0100 Subject: [PATCH 6/6] Adds Code Hosting under Development (#6) --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) 
diff --git a/README.md b/README.md index 11b5d02..752d032 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,8 @@ corporations, governments, and hackers from logging, storing or selling your per - [Windows Defences](#windows-defences) - [Mac OS Defences](#mac-os-defences) - [Anti-Malware](#anti-malware) +- **Development** + - [Code Hosting](#code-hosting) - **Home/ IoT** - [Home Automation](#home-automation) - [Voice Assistants](#ai-voice-assistants) @@ -1345,6 +1347,18 @@ For creating dashboard from IoT devices, see [ThingsBoard](https://thingsboard.i #### Word of Warning IoT smart home devices can open you up to many security risks and exploits. It is really important that you configure them correctly, setting strong unique passwords, turn off data sharing, and if possible restrict internet access so devices can only communicate within your local network. See [Smart Home Security Checklist](https://github.com/Lissy93/personal-security-checklist#smart-home) for more tips. +
+ +## Code Hosting + +| Provider | Description | +| --- | --- | +[SourceHut](https://sourcehut.org/) | Git and mercurial code hosting, task management, mailing lists, wiki hosting and Alpine-based build pipelines. Can be self-hosted, or used through the managed instance at [sr.ht](https://sr.ht/) +[CodeBerg](https://codeberg.org/) | A fully-managed instance of Gitea +[GitLab](https://gitlab.com) | Fully-featured git, CI and project management platform. Managed instance available, but can also be self-hosted +[Gitea](https://gitea.io/) | Lightweight self-hosted git platform, written in Go +[Gogs](https://gogs.io/) | Lightweight self-hosted git platform, written in Go + ## AI Voice Assistants
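Review bot: In `.github/workflows/check-domain.yml` (PATCH 2/6), both third-party actions are referenced by mutable tags (`codex-team/action-check-domain@v1`, `rishabhgupta/git-action-issue@v2`), and the second one is handed `secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN`. A retagged release would run with that token on the next Saturday schedule. Pin each `uses:` to a full commit SHA and add a job-level `permissions:` block limited to `issues: write`, so the fallback `GITHUB_TOKEN` carries no more than the workflow needs. The matrix value is a full URL (`https://awesome-privacy.xyz`) and is interpolated into the issue body as "Domain, ${{ matrix.domain }}", so the notice will print the scheme too. That is cosmetic, but worth a look.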
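Review bot: In `.github/workflows/welcome-non-stargazers.yml` (PATCH 2/6), the job condition reads `github.event.comment.author_association`, but the workflow only triggers on `issues: types: [opened]`, and that event payload has no `comment` object. The lookup evaluates to empty, so `!= 'CONTRIBUTOR'` is always true and the comment step runs for every opened issue, contributors included. Use `github.event.issue.author_association` instead. The same pinning point applies to `qxip/please-star-light@v4`, which also receives the bot token.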
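Review bot: In the `@@ -448,6 +451,7 @@` hunk of PATCH 3/6, the new F-Droid row reads "The client enabled you to browse", which should be "enables". The row is also appended directly after AFWall+ and RethinkDNS + Firewall, so an app catalogue ends up in what the surrounding context shows to be a list of firewall and network tools. Consider moving it to a section that matches its purpose, or confirm that this table is meant to be a general Android list.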
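Review bot: In the `@@ -1317,7 +1321,8 @@` hunk of PATCH 3/6, the rewritten anti-virus paragraph silently drops the closing sentence "Read more about why you shouldn't use [Anti-Spy Tools, on Windows](https://as93.link/gjlj4)" and adds a bare `+` line in its place. The commit message ("Updates browser extensions, F-Droid, Thunderbird") does not mention this removal. If the link is being retired on purpose, say so in the message. Otherwise restore the sentence and drop the stray blank line.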
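Review bot: In the PATCH 4/6 hunk, the first link in the new Plain Text Accounting row is malformed: `such as Ledger](https://www.ledger-cli.org)` is missing its opening bracket and will render as literal text. It should be `[Ledger](https://www.ledger-cli.org)`. The row also omits the platform tag that the neighbouring rows carry, such as "(Desktop)" or "(Android)". Add one if the table expects it.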
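Review bot: In the PATCH 5/6 hunk, the OVPN row makes a "court-proven" claim with no reference, while the Azire row just above links an issue for its audit status. Link the source for the claim or soften the wording. The text also needs a cleanup pass: "support for Wireguard and OpenVPN support" repeats "support", and "hardrives" should be "hard drives".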
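Review bot: In the second hunk of PATCH 6/6 (`@@ -1345,6 +1347,18 @@`), the new `## Code Hosting` section lands between the Home Automation "Word of Warning" and `## AI Voice Assistants`, which splits the Home/ IoT sections. The table of contents hunk, by contrast, lists **Development** as its own group before **Home/ IoT**. Move the section so the body order matches the index. The provider cells are plain `[SourceHut](...)` links where the other tables in this series use bold `**[Name](url)**`. The Gitea and Gogs rows carry the identical description "Lightweight self-hosted git platform, written in Go", which gives a reader nothing to tell them apart.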