Your adversary is the person or organization attempting to undermine your security goals. Adversaries can be different, depending on the situation. For instance, you may worry about criminals spying on the network at a cafe, or your classmates logging into your accounts on a shared computer at a school. Often the adversary is hypothetical.
A computer or network that is physically isolated from all other networks, including the Internet, is said to be air-gapped.
Software that attempts to protect a device from being taken over by malicious software (or “malware"). Viruses were some of the first and most prevalent forms of malware; they were named viruses to reflect the way they would spread from device to device. These days most antivirus software concentrate on warning you if you are downloading a suspicious file from an external source, and examining files on your computer to see if they match the software's idea of what malware looks like.
Anti-virus software can only recognize malware if it is similar to samples that the anti-virus developer has already analyzed. This makes it far less effective at combating targeted malware designed to infiltrate a particular community or person, rather than more widespread strains of malware. Some advanced malware can also actively attack or conceal itself from antivirus software.
In computer security, an attack is a method that can be used to compromise security. An attacker is the person or organization using an attack. An attack is sometimes called an "exploit."
The various properties of your web browser and computer that a website can notice when you visit. They may be slightly different from other browsers or computers, which can be a way to recognize you even if you didn't log in, even if your computer doesn't save cookies, and even if you connect to the Internet from a different network in the future. For example, you might be the only person who visits a particular site from a device set to a particular language, with a particular screen size, and using a particular web browser version; then the site could realize that it's you whenever you visit, even if you don't do anything else to reveal your identity.
A phone that is not connected to your identity, is only used for a small set of calls or activities, and can be discarded if and when it is suspected of being tracked or compromised. Burner phones are often pre-paid mobile phones bought with cash.
The capability of an attacker (in the sense we use it in this guide) is what it is able to do to achieve its aims. For example, a country's security services might have the capability to listen to telephone calls while a neighbor may have the capability to watch you from their window. To say that an attacker “has" a capability does not mean that they will necessarily use that capability. It does mean that you should consider and prepare for the possibility.
The "command line" is a way of giving a computer a series of small, self-contained orders. To use a command line tool, the user types a command into a window called a terminal emulator, hits the return or enter key, and then receives a textual response in the same window. Windows, Linux, and Mac computers still run software using this interface, and even some mobile phones can do the same with the right app. The command line can be used to run software pre-packaged with your operating system. Some downloadable programs, especially technical utilities, use the command line instead of a more familiar "icons and buttons" user interface. The command line requires you to type in exactly the right set of letters and numbers to get the correct result, and it can be unclear what to do if the responses don't match your expectations.
A commercial Virtual Private Network is a private service that offers to securely relay your Internet communications via their own network. The advantage of this is that all of the data you send and receive is hidden from local networks, so it is safer from nearby criminals, untrusted local ISPs, or anyone else spying on your local network. A VPN may be hosted in a foreign country, which is useful both for protecting communications from a local government, and bypassing national censorship. The downside is that the traffic is decrypted at the commercial VPN's end. That means you need to trust the commercial VPN (and the country where it is located) not to spy on your traffic.
Cookies are a web technology that let websites recognize your browser. Cookies were originally designed to allow sites to offer online shopping carts, save preferences, or keep you logged on to a site. They also enable tracking and profiling so sites can recognize you and learn more about where you go, which devices you use, and what you are interested in – even if you don't have an account with that site, or aren't logged in.
Services such as email, web, and access to files and printers that are accessible from within a company or large institution's local network, but not to the wider Internet. Most companies take this as being sufficient security to protect their internal documents, but this means that any attack that can connect to the intranet can access or interfere with all the information being kept locally. An example of such an attack is tricking an employee to install malware on their laptop. To allow employees to access the intranet via the wider Internet, companies will often provide their own Virtual Private Network (VPN) which creates a secure connection to the inside of the intranet from anywhere in the world.
The art of designing secret codes that let you send and receive messages to a recipient without others being able to understand the message.
Any kind of information, typically stored in a digital form. Data can include documents, pictures, keys, programs, messages, and other digital information or files.
The use of a mathematical technique to confirm the origin of information, and to confirm that it wasn't changed since it was written. Digital signatures may be used with software downloads to make sure that the software you're installing is the same as the official version, and that nobody has tampered with it. They're also often used to confirm encrypted email has not been altered. When information isn't protected by a digital signature, an attacker could change the contents of what someone wrote or published, and there wouldn't be a technical means to detect that this happened.
A method for taking a website or other Internet service offline, by coordinating many different computers to request or send data to it simultaneously. Usually the computers used to conduct such an attack are remotely controlled by people who have taken over the machines by breaking into them, or infecting them with malware.
The address, in words or letters, of a website or Internet service; for example: ssd.eff.org
To scramble information or a message mathematically so that it seems meaningless, but can still be restored to its original form by a person or device that possesses a piece of data that can unscramble it (a key.) This limits who can access the information or message because without the right key, it is nearly impossible to reverse the encryption and recover the original information. Encryption is one of several technologies that make up the field called cryptography.
A process that takes a message and makes it unreadable except to a person who knows how to "decrypt" it back into a readable form.
End-to-end encryption ensures that a message is turned into a secret message by its original sender, and decoded only by its final recipient. Other forms of encryption may depend on encryption performed by third-parties. That means that those parties have to be trusted with the original text. End-to-end encryption is generally regarded as safer, because it reduces the number of parties who might be able to interfere or break the encryption.
A sequence of letters and numbers that mathematically represent the contents of a file. Changing the file even a tiny bit will completely change its fingerprint. Checking the fingerprint of a file that you've downloaded, such as a software application or extension, helps to make sure that you got the file that you intended, and that nobody has tampered with it while it was being downloaded.
Where data—including personal files such as documents, notes, and pictures— is stored, usually locally, on your computer or other device.
An older method for copying files from a local computer to a remote one, or vice versa. The job of FTP programs (and the FTP servers that stored the files) have mostly been replaced by web browsers and web servers, or file synchronising programs like Dropbox.
The keys of public key cryptography are very large numbers, sometimes a thousand or more digits long. A fingerprint is a much smaller number or set of numbers and letters that can be used as a unique name for that key, without having to list all of the key's digits. So, for instance, if you and a friend wished to make sure you both had the same key, you could either spend a long time reading off all the hundreds of digits in the key, or you could each compare your key's fingerprints instead. The fingerprints presented by cryptographic software usually consist of around 40 letters and numbers. If you carefully check that a fingerprint has the right value, you should be safe against impersonation using a fake key. Some software tools may offer more convenient alternative ways to verify a friend's key, but some form of verification needs to happen to prevent communications providers from easily being able to listen in.
A tool that protects a computer from unwanted connections to or from local networks and the Internet. A firewall might have rules that forbid outgoing email, or connections to certain websites. Firewalls can be used as a first line of defense to protect a device from unexpected interference. They can also be used to prevent users from accessing the Internet in certain ways.
A property of a secure messaging system which ensures that your past communications can remain secure even if one of the secret keys is stolen later. Forward secrecy works by using the participant’s secret keys to generate a new key, which is only used for the current conversation and destroyed afterwards, rendering old messages impossible to decrypt. For HTTPS websites, forward secrecy is an important protection against adversaries like intelligence agencies which may record large amounts of traffic and use a stolen key to decrypt it. For instant messaging and chat systems, forward secrecy is necessary to ensure that deleted messages are really deleted, but you will also need to either disable logging or securely delete past messages.
If you're planning on securing data on your local device, you could choose to just encrypt a few important files, or you could encrypt everything on the computer. “Full disk encryption” is the term for encrypting everything. It's usually safer (and often easier) to use full disk encryption than to manage just a few individually encrypted files. If you encrypt individual files, your computer might make temporary unencrypted copies of those files without you noticing. And some software might keep some unencrypted records about your use of your computer. Apple's OS X, Linux, and some versions of Windows all have built-in full disk encryption, but it is usually not turned on by default.
If you've ever seen a web address spelled out as “http://www.example.com/”, you'll recognize the “http” bit of this term. HTTP (hypertext transfer protocol) is the way a web browser on your machine talks to a remote web server. Unfortunately, standard http sends text insecurely across the Internet. HTTPS (the S stands for “secure”) uses encryption to better protect the data you send to websites, and the information they return to you, from prying eyes.
IMAP is the way that many email programs communicate with services that send, receive, and store your email. By changing the IMAP settings on your email program, you can choose to load email from different servers or set the level of security and encryption used to transfer the mail across the Internet to you.
Clues that show that your device may have been broken into or tampered with.
Filtering is a polite term for blocking or censoring Internet traffic. Virtual Private Networks or services like Tor are sometimes used to access Internet communications that would otherwise be filtered.
A device on the Internet needs its own address to receive data, just like a home or business needs a street address to receive physical mail. This address is its IP (Internet Protocol) address. When you connect to a website or other server online, you usually reveal your own IP address. This doesn't necessarily reveal either your identity (it's hard to map an IP address to a real address or a particular computer). An IP address can give away some information about you, however, such as your rough location or the name of your Internet Service Provider. Services like Tor let you hide your IP address, which helps give you anonymity online.
A sequence of letters or numbers that represent a public key. Some privacy tools let you check the match between someone's key fingerprint as seen by your device and by their device. The purpose of this check is to prevent a man-in-the-middle attack, where someone tricks you into using the wrong key.
To receive encrypted messages using public key cryptography (and to reliably inform others that a message genuinely came from you), you need to create two keys. One, the private key, you keep secret. The other, the public key, you can let anyone see. The two keys are connected mathematically, and are often collectively known as a "keypair."
In public key cryptography, each person has a set of keys. To send a message securely to a particular person, you encrypt your message using their public key. An attacker may be able to trick you into using their key, which means that they will be able to read your message, instead of the intended recipient. That means that you have to verify that a key is being used by a particular person. Key verification is any way that lets you match a key to a person.
When you're using public key encryption, it's important to be sure that the key you use to encrypt a message really belongs to the recipient (see key verification). PGP makes this a little easier by having a way to tell others "I believe this key belongs to this person, and if you trust me, you should believe that too." Telling the world that you trust someone's key is called "signing their key": it means anyone who uses that key can see you vouched for it. To encourage everyone to check and sign each other's keys, PGP users organize key-signing parties.
Analogy: It's like a networking party, where you introduce your friends to other friends.
A malicious program or piece of hardware that records everything you type into a device, including passwords and other personal details, allowing others to secretly collect that information. (The "key" in keylogger refers to the keys you have on your keyboard.) Keyloggers are often malware that users have been tricked into downloading and running, or occasionally physical hardware secretly plugged into a keyboard or device.
A type of attack where an adversary intercepts communications sent between you and your intended recipient, then sends them on after interception, so that neither you nor the recipient know there is a “man (or machine) in the middle.” Men-in-the-middle can spy on communications or even insert false or misleading messages into your communications. Security-focused internet communications software needs to defend against the man-in-the-middle attack to be safe against adversaries who have control of any part of the Internet between two communicators.
As an example, suppose you believe you were speaking to your friend, Bahram, via encrypted instant messenger. To check it's really him, you ask him to tell you the city where you first met. "Istanbul" comes the reply. That's correct! Unfortunately, without you or Bahram knowing, someone else online has been intercepting all your communications. When you first connected to Bahram, you actually connected to this person, and she, in turn, connected to Bahram. When you think you are asking Bahram a question, she receives your message, relays the question to Bahram, receives his answer back , and then sends it to you. Even though you think you are communicating securely with Bahram, you are, in fact, only communicating securely with the spy, who is also communicating securely to Bahram! This is the man-in-the-middle attack.
Metadata (or "data about data") is data that describes a piece of information, apart from the information itself. So the content of a message is not metadata, but who sent it, when, where from, and to whom, are all examples of metadata. Legal systems often protect content more than metadata: for instance, in the United States, law enforcement needs a warrant to listen to a person's telephone calls, but claims the right to obtain the list of who you have called far more easily. However, metadata can often reveal a great deal, and will often need to be protected as carefully as the data it describes.
Passwords are usually semi-permanent: once you set them up, you can keep using them until you manually change or reset them. One-time passwords only work once. Some one-time password systems work by having a tool or program that can create many different one-time passwords, that you use in turn. This is useful if you're afraid that there may be a keylogger on a system where you have to type in a password.
Open source software, or free software, is software that can be distributed freely in a form that lets others modify it and rebuild it from scratch. While it is known as “free software," it's not necessarily free as in zero-cost: FLOSS programmers can ask for donations, or charge for support or for copies. Linux is an example of a free, open source program, as are Firefox and Tor.
A program that runs all the other programs on a computer or device. Windows, Linux, Android and Apple's OS X and iOS are all examples of operating systems.
"Out-of-band" means any way of communicating outside of the current method. Verifying the identity of the person you're talking to over an insecure communication system often requires communicating out-of-band via another method that is less vulnerable to the same kind of attack. So, for instance, you might check that you are using someone's correct public key by talking to them in person, before using it to encrypt your email.
A passive adversary is one that can listen to your communications, but cannot directly tamper with them.
A secret meant to be memorized or otherwise protected and kept private, and meant to limit access to something so that only someone who knows the password can gain access. It might limit access to an online account, a device, or something else. A long password based on multiple words may also be called a "passphrase" to remind us that it's not just one "word." A master password is a main password used to unlock other passwords in a password manager or password safe application.
PGP or Pretty Good Privacy was one of the first popular implementations of public key cryptography. Phil Zimmermann, its creator, wrote the program in 1991 to help activists and others protect their communications. He was formally investigated by the U.S. government when the program spread outside the United States. At the time, exporting tools that included strong public key encryption was a violation of U.S. law.
PGP continues to exist as a commercial software product. A free implementation of the same underlying standard that PGP uses called GnuPG (or GPG) is also available. Because both use the same interchangeable approach, people will refer to using a “PGP key” or sending a “PGP message”, even if they are using GnuPG.
A communications protocol is a way of sending data between programs or computers. Software programs that use the same protocol can talk to each other: so web browsers and web servers speak the same protocol, called "http". Some protocols use encryption to protect their contents. The secure version of the http protocol is called "https". Another example of an encrypted protocol used by many different programs is OTR (Off-the-Record), a protocol for secure instant messaging.
A name that you choose to use in some context (like an online forum) and that others may come to recognize, but that isn’t connected to names that people know you by in your day-to-day life.
Traditional encryption systems use the same secret, or key, to encrypt and decrypt a message. So if I encrypted a file with the password "bluetonicmonster," you would need both the file and the password "bluetonicmonster" to decode it. Public key encryption uses two keys: one to encrypt, and another to decrypt. This has all kinds of useful consequences. For one, it means that you can hand out the key to encrypt messages to you, and as long as you keep the other key secret, anyone with that key can talk to you securely. The key you hand out widely is known as the "public key": hence the name of the technique. Public key encryption is used to encrypt email and files by Pretty Good Privacy (PGP), OTR for instant messaging, and SSL/TLS for web browsing.
If you plan to send a secure message to someone who uses public key cryptography like PGP, you need to know what key to use to encrypt your message. Public key servers act as a phonebook for such keys, allowing a person to use an email address, name, or key fingerprint to search for a full key and download it. There are many PGP public key servers, but they usually share their key collections with each other. Keyservers can't verify whether the keys they publish are genuine or forgeries. Anyone can upload a key to a public key server—in anyone's name. That means that a key connected to a person's name or email on a keyserver might not be their real key. In order to check the authenticity of a key, you need to check its signatures, or confirm its fingerprint with the original user in a trustworthy way.
PGP allows you to sign other people's keys, which is a way of using your own key to assert that a certain key is the right one to use to contact another person. This is meant to provide a way of distinguishing between genuine and fake keys; if people sign the right keys for people they know and communicate with, others can use those signatures to confirm that the genuine keys are genuine. When you download a key from a key server, it may include signatures from other people who affirm that it's the right one. If you know those people and know that you have the right key for them, you can have more confidence in the newly downloaded key. This verification process is also called the web of trust. Its advantage is that it's decentralized and not controlled by any authority, so you don't have to believe a certain company or government about which keys to use when writing to new people. Instead, you can believe your own social networks. One important disadvantage of the web of trust is that publishing signatures for other people's keys tells the whole world who your contacts are; it creates public evidence that you know particular people. Also, using the web of trust correctly requires a good deal of time and attention, and some communities rarely or never participate.
In computer security, risk analysis is calculating the chance that threats might succeed, so you know how much effort to spend defending against them. There may be many different ways that you might lose control or access to your data, but some of them are less likely than others. Conducting a risk assessment means deciding which threats you are going to take seriously, and which may be too rare or too harmless (or too difficult to combat) to worry about. See threat modeling.
The technology that permits you to maintain a secure, encrypted connection between your computer and some of the websites and Internet services that you visit. When you're connected to a website through this technology, the address of the website will begin with HTTPS rather than HTTP. Officially, its name was changed to Transport Layer Security (TLS) in 1999, but many people still use the old name.
A way to confirm automatically that a public key is correct (is really the one that's used by a particular entity) in order to prevent man-in-the-middle attacks. Most often used by websites to prove to your browser that you have a secure connection to the real site, and not to some other system that's tampering with your connection.
To supplement passwords, some systems use "security questions." These are queries to which only you are supposed to know the answer. The problem with security questions is that they are really just extra passwords that have potentially guessable or discoverable answers. We recommend you treat them as any other password: create a long, novel, random, phrase to answer them, and record that somewhere safe. So the next time your bank asks you your mother's maiden name, you should be ready to answer something like "Correct Battery Horse Staple."
A small, removable chip that can be inserted into a mobile device in order to provide service with a particular mobile phone carrier. SIM (subscriber identity module) cards can also store phone numbers and text messages.
Historically, computers stored data on rotating magnetic discs. Mobile devices and increasing numbers of personal computers now store permanent data on non-moving drives. These SSD drives are currently more expensive, but much faster than magnetic storage. Unfortunately, it can be more difficult to reliably and permanently remove data from SSD drives.
SSH (or Secure Shell) is a method for letting you securely control a remote computer via a command line tool. One of the features of the SSH protocol is that as well as sending commands, you can also use it to securely relay Internet traffic between two computers. To set up an SSH link, the remote system needs to operate as an SSH server, and your local machine needs an SSH client program.
A way of thinking about the sorts of protection you want for your data so you can decide which potentional threats you are going to take seriously. It's impossible to protect against every kind of trick or adversary, so you should concentrate on which people might want your data, what they might want from it, and how they might get it. Coming up with a set of possible threats you plan to protect against is called threat modeling or assessing your risks.
An email address you use once, and never again. This is often used to sign up to Internet services without revealing an email address connected to your identity.
When you visit a website, your browser sends some information to that site's operators—your IP address, other information about your computer, and cookies that link you to previous visits using that browser, for instance. If the website includes images and content taken from other web servers, that same information is sent to other websites as part of downloading or viewing the page. Advertising networks, analytics providers, and other data collectors may gather information from you in this way.
You can install additional software that runs alongside your browser and will limit how much information is shared with third-parties in this way. The most well-known examples are programs that block advertisements. EFF offers a tool called Privacy Badger which is another traffic-blocking extension.
Encrypting data as it travels across the network, so that others spying on the network (such as a hacker at a coffee shop, or your ISP) cannot read it.
"Something you know, and something you have." Login systems that require only a username and password can be vulnerable to someone else obtaining (or guessing) those pieces of information. Services that offer two-factor authentication also require you to provide a separate confirmation that you are who you say you are. The second factor could be a one-off secret code that is sent to you via email or text, a number generated by a program running on a mobile device, or a separate device, such as a USB authentication token that you carry and that you can use to confirm who you are. Companies like banks, and major internet services like Google, PayPal and Twitter now offer two-factor authentication.
Most devices let you delete data from them—for instance, you can drag a file to the Trash icon, or press delete in a photo album. But deletion does not always mean that the original data is gone. Undelete programs are applications that can be used by the device's owner, or others with access to the device, to restore some data. Undelete programs are useful for those who accidentally delete their own data, and to those whose data might have been sabotaged, such as a photographer who has been compelled to remove images from their camera. However, those same programs can be a threat to anyone who wants to permanently erase confidential data. See How to Delete Your Data Securely for advice on wiping data, and how undelete programs work on modern devices.
Any technology that allows you to use the Internet for voice communication with other VoIP users or receive telephone calls over the Internet.
A virtual private network is a method for connecting your computer securely to the network of an organization on the other side of the Internet. When you use a VPN, all of your computer's Internet communications are packaged together, encrypted, and then relayed to this other organization, where they are decrypted, unpacked, and then sent on to their destination. To the organization's network, or any other computer on the wider Internet, it looks like your computer's request is coming from inside the organization, not from your location.
VPNs are used by businesses to provide secure access to internal resources (like file servers or printers). They are also used by individuals to bypass local censorship, or defeat local surveillance.
Some forms of digital storage, like the flash memory used in solid-state drives (SSD) and USB sticks, can wear out if overwritten many times. Wear leveling is a method that spreads the writing of data evenly across all of the media to prevent one part of it being overwritten too many times. Its benefit is that it can make devices last longer. The danger for security-conscious users is that wear leveling interferes with secure erase programs, which deliberately try to overwrite sensitive files with junk data in order to permanently erase them. Rather than trusting secure erase programs with files stored on SSD or USB flash drives, it can be better to use full-disk encryption. Encryption avoids the difficulty of secure erasing by making any file on the drive difficult to recover without the correct passphrase.
The program you use to view websites on the Internet. Firefox, Safari, Internet Explorer, and Chrome are all web browsers. Mobile devices have a web browser app for the same purpose.
A website that lets its users access other, blocked or censored websites. Generally, the web proxy will let you type a web address (or URL) onto a web page, and then redisplay that web address on the proxy page. Easier to use than most other censorship-circumventing services.
A flaw in a piece of software or hardware that was previously unknown to the maker of the product. Until the manufacturers become aware of the flaw and fixes it, attackers can use it for their own purposes.