1v数字信号放大到5v_如何在数字生活中保持安全v 2-CSDN博客

1v数字信号放大到5v

In the first part of this series ( Link ), I talked about Privacy/Security general, kind of both on Mobile as well as Computer machines to give you kind of overview and listed few tools to help you(in getting start).

在本系列的第一部分( 链接 )中，我讨论了隐私/安全性常规知识，同时介绍了移动和计算机上的隐私/安全性概述，并列举了一些可帮助您(入门)的工具。

But from this series, I’ll be specific about the technology that I am talking about i.e mobile devices, Computer machines, or your online activities.

但是在本系列中，我将具体介绍我正在谈论的技术，例如移动设备，计算机或您的在线活动。

There can be very different kinds of arguments when it comes to online privacy/safety and here is mine. For that take this example — “You are a kind of person who isn’t very open about their sexual orientation to anyone but you can go online, do what you need, watch what you want.. and these activities can reflect in your ads that are popping in your mail or website ( How! — advertising agencies creates your profile based on your online activity and serve you ads based on that) but no one will ever know about your online activity if you follow PP.”

关于在线隐私/安全性，可能有非常不同的论点，这是我的观点。对于这个例子，“您是那种对任何人的性取向都不十分开放的人，但是您可以上网，做您需要的事情，观看您想要的事情。这些活动可以反映在您的广告中出现在您的邮件或网站中的方式(方法！–广告代理商会根据您的在线活动创建您的个人资料，并根据您的在线活动向您投放广告)，但如果您遵循PP，就不会有人知道您的在线活动。”

And the question that comes every time in mind is Why one should care/worry about their online activities. And the answer is that it can lead to many terrible incidents i.e email hacking, identity theft, virus, credit card fraud and many more this is possible because of —

每次想到的问题就是为什么人们应该关心/担心他们的在线活动。 答案是，它可能导致许多可怕的事件，例如电子邮件黑客攻击，身份盗用，病毒，信用卡欺诈，而且由于以下原因，还有更多其他可能的原因：

Your weak password management ( i.e. using the same password on different website) and having single-factor authentication(SFA)
您的密码管理不力(即在不同的网站上使用相同的密码)并具有单因素身份验证(SFA)
Your bad online surfing habits.
您不良的网上冲浪习惯。
Using public wi-fi ( of course, you can use but with some measures )
使用公共wi-fi(当然，您可以使用，但需采取一些措施)

Time to go practical…

该动手了……

…

→ Having weak password management can lead you to get your account compromised— How?

→密码管理不善可能会导致您的帐户受到威胁-如何？

You are using the same password for every website(Facebook, Gmail, banking, dating web portals and may more…) and somehow one day your password appeared in the data breach and because you are using the same password for every website it will be easy for anyone (anyone can purchase the data for few bucks on the dark web) to test that on a random website and now you are compromised and it can cause you harm depending on the activity that you do and data stored on the cloud(ex. Google Drive).
您为每个网站(Facebook，Gmail，银行，约会门户网站，甚至还有更多…)使用相同的密码，并且不知何故有一天您的密码出现在数据泄露中，并且由于您为每个网站使用相同的密码，这很容易对于任何人(任何人都可以在黑暗的网络上以几美元的价格购买数据)在随机网站上进行测试，现在您已经受到威胁，并且根据您进行的活动和存储在云中的数据(例如Google云端硬盘)。
Let’s assume your data(email, password) didn’t appear in breach but your friend knows what kind of password combinations you can have or he/she tends to know exact password for one of your web portals and as usual, you have the habit of using the same password and maybe he/she can misuse it in any manner or maybe just for fun. MAYBE!
假设您的数据(电子邮件，密码)没有出现泄露，但是您的朋友知道您可以使用哪种密码组合，或者他/她倾向于知道您的一个门户网站的确切密码，并且像往常一样，您有习惯使用相同的密码，也许他/她可以以任何方式滥用它，或者只是出于娱乐目的。也许！

So what you can do is use a password manager for different complex password and you don’t need to worry about memorizing the password and the best one is Bitwarden (and it’s open-source), you just need to remember the master password to unlock your manager. [ Tip: Always have master password approx 20 char with some space like “I have black bucket but it is small”, can have any phrase that you easily remember.]

因此，您可以使用一个密码管理器来处理不同的复杂密码，而您不必担心记住密码，最好的密码是Bitwarden (它是开源的)，您只需要记住主密码即可解锁你的经理。 [提示：始终拥有大约20个字符的主密码，并带有一些空格，例如“ 我有黑色的水桶，但它很小 ”，可以包含您容易记住的任何短语。

Always enable Multi-factor authentication(or 2FA) if your website is providing that. What it does that it creates an additional layer of authentication that helps you to secure your account in case your credentials got leaked and the bad actors won’t be able to login successfully( How! So whenever you enter your details to log-in, it asks for an additional code that you can get in Authentication app or sms on your mobile device, without that code).

如果您的网站正在提供，则始终启用多因素身份验证(或2FA)。它的作用是创建了一个额外的身份验证层，可以帮助您保护帐户安全，以防万一您的凭据被泄露并且不良行为者将无法成功登录(方法！因此，只要您输入详细信息进行登录，它要求您提供其他代码，而无需该代码，您可以在移动设备上的身份验证应用或短信中获取该代码)。

→ 40% of the actions that people perform each day aren’t actual decisions but habits and habits determine what you are more than what you say.

→ 人们每天执行的动作中有40％不是实际的决定，而是习惯和习惯决定着您比说什么还重要。

Having good habits when it comes to use the internet puts you ahead of others and here are some of them…

在使用互联网时养成良好的习惯会使您领先于其他人，其中一些是……

Never open an email attachment that is from an unknown sender, always look carefully at the email header (who send that email, timing and subject, is it matching with what are expecting to get) and you have to be more careful if it’s your corporate mail and using on a corporate computer machine, in some case people lost their jobs because they clicked on the malicious attachment and their company got breached. Check this PDF to know more about Email red-flag from Cyber Security company Knowbe4.
切勿打开来自未知发件人的电子邮件附件，始终仔细查看电子邮件标题(谁发送了该电子邮件，时间和主题，是否与预期内容匹配)，如果是您的公司，则必须格外小心邮件并在公司的计算机上使用，在某些情况下，人们由于单击恶意附件而导致公司失业，因此失去了工作。查看此PDF，以了解更多来自网络安全公司Knowbe4的有关电子邮件危险标志的信息。
Before posting anything(picture, tweet, Facebook post) online always look twice what you are posting because once its on the internet, it’s gonna stay there forever. In case of an image it can expose a lot, a picture posted by you online contains ( date/time, make & model of phone/camera, coordinates of geolocation where a picture is taken) and anyone can get this by extracting metadata of image.
在网上发布任何内容(图片，tweet，Facebook帖子)之前，其外观始终是您发布的内容的两倍，因为一旦将其发布到互联网上，它将永远存在。如果图像可能会曝光很多，则您在线发布的照片包含(日期/时间，电话/相机的品牌和型号，拍摄照片的地理位置坐标)，任何人都可以通过提取图像的元数据来获取此图像。。
Always prefer Tor over any traditional browser for normal web surfing i.e news, watching porn, or just normal surfing except opening private mails, banking, and other services where you need to give confidential info.
总是比一般的传统浏览器更喜欢Tor，而不是传统的浏览器，例如新闻，观看色情内容或仅仅是正常的浏览，除了打开私人邮件，银行业务和其他需要提供机密信息的服务之外。
Google vs Duckduckgo, I know its big debate so I’m going short and simple. Google serves you ads based on your profile (that is developed based on your online activity), on other side duckduckgo serves you ads based on the keywords that you type in search engine, not by creating a profile.
Google vs Duckduckgo，我知道这是一场激烈的辩论，所以我将简短而简单地进行。 Google根据您的个人资料(根据您的在线活动开发)向您投放广告，另一方面，duckduckgo根据您在搜索引擎中键入的关键字而不是通过创建个人资料向您投放广告。
Always go for a websites that has https over http(Why! because a site with https encrypt your credentials and then send over the network), or you can do this by adding httpseverywhere extension, it will force the website to redirect to their https version.
始终选择在http上具有https的网站(为什么！因为具有https的网站会加密您的凭据，然后通过网络发送)，或者您可以通过添加httpseverywhere扩展名来执行此操作，这将迫使该网站重定向到其https版本。
Turn the browser history option to — clear cookie, cache history whenever you close the browser and always restart the browser between login on multiple websites. Let’s say you were on Facebook doing activities and suddenly you remembered that you need to buy something from amazon, just don’t login in the next tab, switch to another browser or restart(close and open it again) then go for amazon( Why! By doing this you will be clearing session/cookie every time you closing browser and saving your self from Big B snooping in).
将浏览器历史记录选项设置为-每次关闭浏览器时都清除cookie，缓存历史记录，并始终在多个网站登录之间重新启动浏览器。假设您在Facebook上进行活动，突然想起您需要从亚马逊购买商品，只是不要登录下一个选项卡，切换到其他浏览器或重新启动(关闭并再次打开它)，然后再选择亚马逊(为什么！这样，您每次关闭浏览器并从Big B监听中保存自己时，都将清除会话/ cookie。

I will be hard in the start but it’s just a matter of time until you get in the loop of habit and you will be fine…

一开始我会很努力，但是直到习惯养成循环，这只是时间问题，您会没事的。。。

Panopticlick :- An analyzer for your browser (checks for trackers, leaks).
Panopticlick ：-用于您的浏览器的分析器(检查跟踪器，泄漏)。
Privacybadger :- Tool to block invisible trackers.
Privacybadger ：-阻止隐形跟踪器的工具。
haveibeenpwned :- To check if your email-id/password is/not exposed in data breaches.
haveibeenpwned ：-检查您的电子邮件ID /密码是否/不存在数据泄露中。

→ Using public WiFi (while waiting for your next metro, in the hotel room or just your hostel WiFi) can be dangerous if any malicious actor is taking a look on your network traffic and checking your requests that you are making to the server( basically what you are browsing) and you can avoid all this just by using two tools, Tor and a VPN ( whichever you can afford) and surf the internet fearlessly.

→如果任何恶意行为者正在查看您的网络流量并检查您对服务器的请求(基本上是在等待下一个地铁，在酒店房间或仅在宿舍中使用WiFi)时，使用公共WiFi可能很危险。您所浏览的内容)，而只需使用Tor和VPN(您可以负担得起)这两个工具，就可以避免所有这些，并且可以毫不畏惧地上网。

The risks can vary from people to people depending on threat level, and you need to define your security plan for yourself based on your threat level.

根据威胁级别，风险因人而异，因此您需要根据威胁级别为自己定义安全计划。

If you’re following these privacy practices(PP) these- ISP, corporate network admin and government or any individual actor have very few chances to hack you, collect your browsing data, track you based on online activities and sell that data to advertising agencies. In case of Government, they can monitor your political ideologies and can influence you for their benefits.

如果您遵循这些隐私惯例(PP)，则ISP，公司网络管理员和政府或任何个人行为者很少有机会入侵您，收集您的浏览数据，根据在线活动跟踪您并将其出售给广告代理商。在政府的情况下，他们可以监视您的政治思想，并可以影响您的利益。

“Arguing that you don’t care about the right to privacy because you have nothing to hide, is no different than saying you don’t care about free speech because you have nothing to say.”

“争辩说您不关心隐私权是因为您没有什么可隐瞒的，与说您不在乎言论自由是因为您无话可说一样。”

— Edward Snowden

— 爱德华·斯诺登

You have to put this in the habit because just using Incognito mode isn’t going to do anything.

您必须养成这种习惯，因为仅使用隐身模式不会做任何事情。

Thank you for your time. Happy Hacking :)

感谢您的时间。快乐黑客：)

If you have any query, you can reach out to me on: 59r@protonmail.com

如果您有任何疑问，可以通过以下方式与我联系：59r@protonmail.com