Harden IT
Information Research and Security: Training, Consulting, Implementation, Hardening
News
HARDEN IT IS NOT CURRENTLY ACCEPTING NEW CLIENTS
Security: Some is better than none-- enough is best.
Security: More than enough is good-- enough is best.
Privacy: some is better than none-- more is more comfortable.
Safety: Lifesavers save, learning to swim prevents.
Liberty: The ability to have my choices respected-- the power to have them honored.
Freedom: Liberty, in motion.
Owned resources: practices advice.
Secure. Patch/security/critical/optional, Antimalware/blacklist/heuristic, VPN IPsec, firewall, adblocking/blacklist/behavior, no remember logins
Private. VPN/Ipsec, no sharing WiFi, no broadcast SSID, no device discovery,
Obscure. Obfuscation, anonymization, disable telemetry, disable tracking, disable idents/frequently renew, roll IPs, Tor
Borrowed/public resources:
recommendations. Variety of VPN over WiFi. Layer a proxy. Private browsing modes on borrowed browsers. Logout of all accounts. Break sessions, renew IP addresses. Reboot systems. Use caution. HTTPS/Encrypted email. Low trust. As necessary, check software. Update defs, if ok. Guest mode on phones. Boot into safe mode with networking for some things.
There are several significant threats to personal information security online.
1. Google platform / Amazon Alexa --Online Personal Assistants.
https://myactivity.google.com/myactivity
https://www.google.com/maps/timeline
use ad blockers / tracking blockers
firefox - good privacy policy / practices
- Turn off telemetry
- regular updates
- active community with massive testing and user hours
- founded to promote privacy
- compatibility unlikely to be blocked if detected
duckduckgo
great privacy policy - sponsors privacy legislation
https
tracking blockers
privacy badger
behavior-based for unknown threats
privacy policy EFF supports privacy
tor browser
best privacy
unknown vendors / motives / exploits
/ VPN without leaks over Tor if desired.
use an offline personal assistant
2. Social media breaches
a. Personal info set to Public (own worst enemy / oversharing)
- full name on Facebook
- birthdate on Facebook, Instagram, LinkdIn
- maiden name (Facebook, classmates.com)
- family connections (Facebook, familytree)
- check-ins / location (facebook, google)
- bragging about trips (all social media, blogs)
- personal sharing in public (all social media, blogs)
- club/schedule/ work schedule online (all social media, blogs)
- Employer (Facebook, non-reputable resume sites)
- phone number (all social media, craigslist, ubereats, UPS, etc.)
- email address (all social media, resume sites, craigslist, jambajuice, ubereats, etc.)
- phishing games "how much do you know about me..., have you ever..., birthdate name games..." (All social media, Youtube, craigslist)
b. Facebook app platform
- breaches others
- steals pictures, facts
- posts your pictures outside of your sharing settings
c. non-reputable resume sites
d. E-mail chain letters
3. advertiser /robocall/ public records aggregators
- 192.com/people
- 411.com
- www.addressess.com
- anywho.com/whitepages
- arrestfacts.com
- beenverified.com
- checkpeople.com
- dobsearch.com / peoplefinder dob search
- dmv.com
- golookup.com : @ https://golookup.com/support/optout
- findpeoplesearch.com/classic.php
- instantcheckmate.com
- intelius.com
- lexis-nexis
- peekyou.com
- peoplefinders.com
- peoplesearching.com
- peoplesmart.com/find
- people.yellowpages.com/whitepages
- persopo.com
- pipl.com
- publicrecordsnow.com
- radaris.com
- searchbug.com/peoplefinder
- skipease.com
- spokeo
- thatsthem.com
- truepeoplesearch.com
- truthfinder.com
- usapeoplesearch.com
- ussearch.com
- whitepages.com
- verispy.com
- zabasearch.com
- reversecelllookup enle.info?4onD
- netdetective.com
-intuit
-hrblock
- @ lifewire.com/google-people-search
- 1.
remedies ===== removal instructions
ref: onlinesafety.feministfrequency.com/en/#preventing-doxxing
rsaconference.com/writable/presentations/file_upload/hum-t19_hum-t19.pdf
deleteme by abine
TCPA
major advert org opt-outs
robocall defender appliances/services
donotcall.gov stops "legitimate" unsolicited sales calls.
4. public freemail accounts
/ content ownership
/ spam
/ phishing
growing sophistication: closeness in appearance to authentic
solution domain IPs, encryption, throwaway emails, two-factor authentication
5. Android/Microsoft phone settings: games and apps with poor privacy policies
/tracking location
tools: block your number
howto T-mobile, https://www.t-mobile.com/resources/how-to-block-your-number
1 call AT&T *67 [other number] # ||| all calls ON https://www.att.com/olam/passthroughAction.myworld?actionType=ManageVoipFeaturesRedirect&customerType=U all call blocking OFF https://www.att.com/olam/passthroughAction.myworld?actionType=ManageVoipFeaturesRedirect&customerType=U
1 call Verizon *67
all calls verizon https://myaccount.verizonwireless.com/clp/login?redirect=/vzw/accountholder/uc/UCServiceBlocks.action
or my verizon app [ The My Verizon App
Tap the menu in the top left to open it.
Tap Devices.
Find the device you want to add Caller ID Blocking to and tap Manage.
Tap Controls.
Tap Adjust Service blocks.
Find Caller ID Blocking and tap the switch so it's green.] per https://www.verizonwireless.com/support/caller-id-block-faqs/
install Bestee offline Personal Assistant to replace Google.
6. Browser settings / PC leaks.
iPhone/iPsd/iPod https://support.mozilla.org/en-US/kb/install-firefox-your-ipad-iphone-or-ipod
check privacy settings:
Firefox: Options > Privacy & Security
Focus: Options > Privacy & Security
Chrome: chrome://settings/
or [3 dot vertical stack below "x" in upper right-hand corner of window] then Settings > Advanced > Privacy and security
chrome://flags/
chrome://pages/
Chromium
PEOPLE
Normal: Pause/Turn off Google sync.
Normal: Autocomplete: on
enhanced: off
Normal: show suggestions when not found: on
enhanced: off
All: Safe Browsing: on
All: Help improve Safe Browsing: off
All: Help improve Chrome features: off
All: Make Searches and browsing better: off
All: Enhanced spell check: off
AUTOFILL
PASSWORDS
All: Offer to save: off
Auto sign-in: off
PAYMENT METHODS
All: Save and fill: off
Normal: Addresses and more: on/optional
enhanced: addresses and more: off
SEARCH ENGINE
All: search engine used in address bar > select DuckDuckGo
ADVANCED
(last, resets browser) Normal: Allow Chrome sign-in: off
All: Send a do-not-track request.
All: Allow sites to check if you have a payment method saved: OFF
Normal: Preload: on
enhanced: preload: OFF
all: manage certificates: use a certificate
>PRIVACY AND SECURITY
>SITE SETTINGS
>COOKIES
normal: allow: on
enhanced: off
all: keep local: on
all: Block third: on
>LOCATION
all: ask first
>CAMERA
all: ask first
>Microphone
all : ask first
>notifications
all: ask first
>javascript
normal: allow
enhanced: disable
>flash normal: ask first
enhanced: disable
>popups, redirects: off
> background sync: off
OR install Brave for <a href="https://laptop-updates.brave.com/latest/winx64">Windows 64-bit (x64)</a> <a href="https://laptop-updates.brave.com/latest/winia32">Windows 32-bit (w32)</a> <a href="https://laptop-updates.brave.com/latest/osx">macOS (OSX)</a> <a href="https://brave-browser.readthedocs.io/en/latest/installing-brave.html#linux">Linux</a> <a href="https://play.google.com/store/apps/details?id=com.brave.browser&hl=en">Android (Google play)</a> / <a href="https://www.amazon.com/Brave-Software-Browser-Fast-AdBlock/dp/B01M27C0RQ/ref=sr_1_2?s=mobile-apps&ie=UTF8&qid=509 6544343&sr=1-2">Amazon Store</a><a href="https://geo.itunes.apple.com/us/app/brave-web-browser/id1052879175?mt=8">iPad, iPhone, iPod (Apple store)</a>
Edge: Settings > Advanced settings
Safari: Preferences > Security and Preferences > Privacy
Opera:
7. Malware
It seems Kaspersky Labs leaked to Russia / Russian intelligence
=======solutions
antivirus - refs https://av-test.org/ GmbH (german company)
https://www.av-comparatives.org/list-of-av-testing-labs/
toms-hardware guide benchmarks
other site benchmarks
antiransomware
antiphish
8. Network Hackers
wifi
<ul>wifi tools <li><a href="https://www.netspotapp.com/features.html">NetSpot</a> Free for <a href="https://play.google.com/store/apps/details?id=com.etwok.netspotapp&referrer=utm_source%3Dnetspotapp%26utm_medium%3Dbanner">Android</a>, <a href="https://cdn.netspotapp.com/download/Win/NetSpot.exe">Windows</a> (with <a href="https://www.deploymaster.com/dotnetfx.html">.NET 4.5+</a> required), or <a href="https://cdn.netspotapp.com/download/NetSpot.dmg">Mac (OSX 10.6.8 - 10.12 Sierra )</a>
<li><a href="">Wireshark </a> for <a href="https://2.na.dl.wireshark.org/win64/Wireshark-win64-3.0.1.exe">Windows 64-bit (x64)</a>, <a href="https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.0.1.exe">Windows 32-bit (w32)</a>, <a href="https://2.na.dl.wireshark.org/win32/WiresharkPortable_3.0.1.paf.exe">PortableApps (32-bit)</a> (for the <a href="https://portableapps.com/download">PortableApps Platform</a>), or <a href="https://2.na.dl.wireshark.org/osx/Wireshark%203.0.1%20Intel%2064.dmg">MacOS 10.12 and up (x64)</a> or <a href="https://www.wireshark.org/download.html#thirdparty">most any Linux/Unix 3rd distro</a>
soho routers [type cmd at the start menu in Windows or load your MacOS terminal or Linux terminal how to access/default user pass list/phone scan app and port list]
cell-phone device hackers
IMSI catchers<a href="https://theintercept.com/2016/09/12/long-secret-stingray-manuals-detail-how-police-can-spy-on-phones/">Harris brand Stingray II can simulate up to 4 4G or 3G towers at a time.</a> When tested, fake-cell systems beat anti-fake cell apps <a href="https://www.wired.com/story/stingray-detector-apps/">https://www.wired.com/story/stingray-detector-apps/</a> Such as <a href="https://apkpure.com/darshak/com.darshak/download/2-APK">Darshak for Android</a>, <a href="https://play.google.com/store/apps/details?id=com.skibapps.cellspycatcher&hl=en_US">Fake cell-tower Catcher for Android</a>
Cell-phone fake cell-tower manufacturers claim their products can <a href="https://info.publicintelligence.net/Gamma-GSM.pdf">create bubbles where services are denied without the cell-user ever knowing, intercept, redirect, and create fake calls and text messages. https://info.publicintelligence.net/Gamma-GSM.pdf</a> <a href="http://sovworks.com/eds/">for Android</a>, and <a href="https://itunes.apple.com/us/app/crypto-disks-store-private/id889549308/"> iOS </a>
Straighttalk block own 1 call *67
modems
default usernames and passwords, wireless repeaters, directional antennaes
passwords
firewalls zoneAlarm still recieves top marks, Windows Firewall better than none.
anti-malware / antivirus / antiphishing Windows Defender, Bitdefender/ZoneAlarm (AVG), Malware Bytes anti-ransomware beta
drive encryption <a href="https://www.veracrypt.fr/en/Downloads.html">Veracrypt. Simple, open, free with donations accepted. AES, full-disk.</a>
man-in-the-middle / TLS
=====Solutions
VPN
====many VPNs tied to China / Chinese intelligence, especially free VPNs
Free: ProtonVPN, Ghostery, OperaVPN
Our trusted list: NordVPN
ExpressVPN
IPsec
strong passwords/ password manager
(keepassXC or Keepass 2.42)
multi-factor authentication
proper use of Airplane mode / network discovery
tethering / hotspot creation
9. Advertisers and scams
donotcall.gov stops legitimate telemarketers
FTC.gov/abuse / fraud --- report illigitimate telemarketing scams
1-877-FTC-HELP ftc.gov/robocalls
FCC
"prescreened" loan and insurance offers
To opt out for five years: Call toll-free 509 6544343-OPT-OUT 509 6544343
or
visit www.optoutprescreen.com
and
return the signed Permanent Opt-Out Election form above.
or
Experian
Opt Out
P.O. Box 919
Allen, TX 75013
and
TransUnion
Name Removal Option
P.O. Box 505
Woodlyn, PA 19094
and
Equifax, Inc.
Options
P.O. Box 740123
Atlanta, GA 30374
and
Innovis Consumer Assistance
P.O. Box 495
Pittsburgh, PA 15230
Include Full Name, telephone number, social security number, birthdate.
10. Product registrations / bad business / grift
BBB.org
Attorney Generals office
credit card company fraud
Credit freeze / identity theft insurance / identity theft protection
talk about mail / phone / email / websites
credit cards limits of liability
debit card limits of liability
prepaid cards
paypal
visapay / etc.
e-wallets
read about data de-anonymization
https://spreadprivacy.com/data-anonymization/
read about secure internet connections
https://spreadprivacy.com/secure-web-connection/
==================
TOP PRIORITY:
affects all Android users, chrome users, gmail users, etc.
"OK Google, delete all those recordings you made of me without my permission."
myactivity.google.com login>activity>[three bars menu] delete activity by>delete by date>"All time">delete>delete
Activity controls > web and app> manage> pause (slider)
> location > manage > pause
> Youtube watch
> Youtube search
>Ads > ad personlization > off
Security>Google apps with account access>remove most
>data and personalization>wb and app activity> manage> choose to delete automatically > 3 months
=================
Data storage, security, recovery
recuva by piriform to recover files - forensic software for system restoration
encrypt SDCards and storage on Android phones
encrypt drives in Windows
bitlocker built-in
safer alternative ?
encrypted cloud storage most secure
mega
network security, privacy
password guidelines not generators, yes managers,128-bit, 256-bit AES, haveibeenpwned, strength-checker
antivirus - labs/results
antimalware - pc / tablet malwarebytes antiransomeware
browser security privacy reviews firefox, eff browser extensions, duck-duck-go, avira
VPN tls, onion-over-ip, obfuscation
privacy disposable email, encrypted freemail, disposable phone numbers
people search databases/data aggregation doxing
data breaches
Doxing & swatting
removal services - removal process
Deletme by albine is recommended by other Security researchers. We do not endorse them as we offer similar services for a fee alongside our directions for DIYs. We do consider Albine Deleteme a viable alternative to our services based upon reputation, method, and the quality of their other products. Most other paid services known to us offer "deletion" by hacky automatic scripts. We use manual requests and proprietary non-automatic tactics as parts of a strategy to produce a persistent and progressive privacy improvement.
government websites
TCPA
Information sharing and preferences / Rights management
advertising opt-outs
do-not-call.gov
http://www.aboutads.info/choices/
disable voice operated PIMs (how to privacy https://venturebeat.com/2019/04/16/how-to-prevent-alexa-cortana-siri-google-assistant-and-bixby-from-recording-you/ KYLE WIGGERS@KYLE_L_WIGGERS APRIL 16, 2019 6:30 AM)
android phone Wiser, 2014-present. Privacy policy is of concern. Free
"Grand Launcher" simplifies system, voice mode for blind. Made by Mariusz Bednarczyk (free 1 week/$1.99)
enabling/using digital personal assistants
@@ Hey, Bestee https://heybestee.com/ Offline:Private works w limited permissions
- android
Data bot app
Hound / SoundHound
lyra
Robin
Siri Apple (iOS/Mac built-in)
"OK Google" Google Assistant (Google Android Built-in)
smart voice assistant
"Hey, Cortana" Cortana - Windows (Windows built-in)
Alexa - Amazon
Bixby - Samsung
Voice controls/tools
Soundhound - discover music by singing or humming a sample
Read Aloud Browser addon for Chrome. Reads web-pages reasonably well, adjustable accent, tone, speed. Free, works well.
Dictation (speech to text)
communication enhancement
video calls/ videochat
Skype
Apple Facetime
Google Duo
Facebook video chat
Social media platforms: NEVER share when you're out-of-town, dis FB apps, no check-ins GPS
Instagram (https://www.makeuseof.com/tag/how-to-schedule-posts-on-instagram/)
Facebook
Snapchat
Tumblr
Twitter
TikTok
Pintrest
LinkedIn
Harden IT offers solutions to meet your present and future needs.
"We make things work for people." TM
1 in 9 People just had their data breached 8-March-2019
https://nordvpn.com/blog/verifications-io-breach-800-million/
Earlier Breaches, Check your email for breached passwords
https://haveibeenpwned.com/
Firefox is only full-function browser with decent user privacy defaults. (Disable telemetry in settings).
chrome steals data, tracks across devices
opera steals data, tracks even when tracking is "off"
Edge constantly sends tele
Internet Explorer, MS exec says "not to be used."
HTTPS everywhere plugin
https://www.eff.org/https-everywhere at minimum
Privacy Badger plugin
https://www.eff.org/privacybadger
DuckDuckGo plugin
https://www.duckduckgo.com
<p>KeePassXC
<br>https://www.keepassxc.org
<p>KeePass
<br>https://keepass.info
<br> add HaveIBeenPwnd (HIBP) plugin.
<br>https://github.com/andrew-schofield/keepass2-haveibeenpwned
<p>Credit Karma free credit monitoring (use only over VPN/encrypted connections)
<br>http://www.creditkarma.com
<p>Adgaurd (scroll to the bottom for Betas)
<br>https://adguard.com/en/welcome.html
Physical Security
FIND YOUR PHONE
https://ievaphone.com/call-my-phone Good privacy policy
CLOUD STORAGE
overall sync. end-to-end, Canadian privacy laws, 256 AES TLS
free: Mega has more features, ease of use 128-bit AES
messaging
secure browser
max secure: tresorit is most secure 256 AES
compatibility: pcloud has decent security, high compatibility, low price: sync any folder, P:drive 256 AES and TLS
StrongSwan app for Android IPSec with IKEv2, 128-bit AES over NordVPN
NordVPN runs a vast, fast, and highly secure network. NordVPN allows connection of up to 6 devices with unlimited bandwidth, has a low price and high trust rating. It is one of few not tied to Chinese hackers and operates in a virtually warrantless jurisdiction. It offers touch-button optional Onion over IP (tor network tunnel), obfuscation (de-regionalization), double-encryption, high-encryption, and free certificate (TLS) for strongSwan to set up IKEv2 128-bit AES with TLS IPSec. It is lowest in price amongst paid VPNs and is either the second-fastest or fastest of all depending upon market and who you're asking. 3-year special rate is under $4/ month.
Russian hacking, North Korean hacking, and Chinese hacking have compromised many resources from time to time and presently.
We recommend thoroughly investigating any free VPN apps and checking against a reputable list of Chinese owned/connected VPN companies. A survey found 90% [cite] of the most popular VPN apps had such connections. Kaspersky antivirus has appearantly been supplying Russian Intelligence. Facebook was slow to respond to Russian bot-posts and targeted ads intended to disrupt the free and democratic election process of these sovereign United States of America.
Protonmail is based in Switzerland which makes digital privacy rights the legal default. Protonmail doesn't require personally identifiable information to create a free account with end-to-end encrypted email. The Android app is clean, small, and light.
Proton company also offers a free VPN connection with limited access to their servers (i.e. 1/1,000), and a strict limit on monthly data (throughput limit).
==================
SOCIAL MEDIA
facebook privacy checkup https://www.facebook.com/help/443357099140264/
8 steps to secure your facebook privacy https://www.abine.com/blog/2019/8-steps-to-secure-your-facebook-privacy-settings/
--f-droid open source android apps
routers and switches prebuilt security configs.
windows policy tools
iPhone myths
=============================================================================================
Privacy policy: This is a hosted page. Ionos may track or print you if you do not take precautions. Harden IT does not control Ionos. ccording to Ionos, Ionos cookies do not contain personal information. Ionos claims their log file data does not link to personally identifiable information. Ionos uses Google analytics. This poses some privacy concerns. https://www.ionos.com/terms-gtc/terms-privacy/#c810
Harden IT does NOT use this website to collect ANY information about you EVER.
Harden IT does NOT sell personal information. Period.
Harden IT will NOT share your information without your express permission or without service of a legal warrant (and we are unlikely to have anything much to share in such a case). We may generate a client list, interest list, accounts recievable and accounts payable, class list, or group list for ordinary and customary business as we present it. We do NOT participate in data mining, NOR trade in personal information.
Cookie policy: Harden IT may generate cookies to allow you to set your preference for presentation of information. We do not use them for any other purpose.
Financial disclosures:
Harden IT does not participate in click-based advertising schemes or any affiliate programs-- all recommendations made are our best efforts to provide a more useful, safe, and private world, with special attention and focus on the user experience of the World Wide Web.
session-creation vulnerabilities and interventions--- clients detection and prevention of evil-twins, wireshark, stingray, etc.
</pre>
</div>
<div><font face="sans-serif">
<ul><strong>Passwords and Password Basics</strong>
<li>Pins, passwords, keys, passphrases, and ciphers are all ways to secure something-- data, devices,
<li>DO set passwords/pins for all users on all machines. Never let your system automatically login whether it's a PC or a flip phone.
<li>Any password is better than none at all: a question mark ("?"), a slash ("/"), or "55555" is better than nothing at all. "?" is 8-bits, which means there is a 1/256 chance of guessing randomly, or a 1/69 chance in guessing it by pressing a random key. A brute-force password cracker can break this password almost instantly.
<li>Portable devices are much more vulnerable to physical compromise, but any internet-connected device is vulnerable to local threats such as neighbors and war-drivers, regional threats such as L.A. to New York and international threats from Somalia, to Russia, to China, to N.Korea. There is no strong national hacking defense and virtually no international laws prohibiting any government from infliltrating computer systems of people in other countries, nor any strong enforcement of existing laws. The European Union has strong privacy laws within their jurisdiction which apply to companies operating within their boundaries. Generally, internet threats are boundless.
<li>Set <b>unique</a> passwords for each resource such as computer, card, or online account
<li>A password managers assists in safely storing and organizing accounts and passwords and some can automatically enter them into websites and things for convenience. Harden-IT shares <a href="https://ssd.eff.org/en/module/how-use-keepassxc">EFF.org's</a> recommendation for password manager, <a href="https://keepassxc.org/"><em>KeepassXS</em></a>, a better supported fork of <a href="https://www.keepassx.org/">KeepassX</a>, a cross-platform fork of <a href="https://keepass.info/download.html">Keepass (v1.x)</a>. <a href="https://keepass.info/download.html">KeePass 2.42.1</a> is recommended as an alternative to KeePassXC.
<li>Change default passwords on all devices such as <a href="https://www.router-reset.com/default-password-ip-list">routers</a> <a href="https://bestvpn.org/default-router-passwords/">(alt. router default password list)</a>, <a href="https://www.att.com/esupport/article.html#!/wireless/KM1000485?gsi=boks9l">cell phones</a>,
<li>Strong passwords are better than weak passwords.
<li>Cryptographically, "longer is stronger." Complexity is a function of length and entropy.
<br>"Entropy" means randomness.
<br><b>?</b> has 3-bits of entropy in 1 character.
<br><b>D%v#9g4Q</b> has 26-bits (2<small><sup>26</sup></small>) of entropy,
<br><b>Longer is stronger.</b> has 42-bits, which is more than 65,500 times stronger than 26-bits,
<br>and <b>In case of emergency, dial 911</b> has 81-bits, which is reasonably secure against most attackers.
<br>Password resources<a phref="https://ae7.st/g/what.html">What is entropy in passwords?</a>and a <a href="https://ae7.st/g/test.html">password practice toy with entropy guage</a>via<a href="https://twitter.com/AaronToponce">@AaronToponce</a>. Avoid using any old password listed by this <a href="https://haveibeenpwned.com/Passwords">hacked password checker <small>https://haveibeenpwned.com/Passwords</small></a>. Be sure any new password is not on a <a href="https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt">password list</a> used by hackers. No matter their length, or entropy, any password on one of these lists should be considered likely to become compromised.
<br>
<p> <center>HARDEN IT, LLC IS NOT CURRENTLY ACCEPTING NEW CLIENTS</center></p>
<font size="-1">
<p><strong>Security</strong>: some is better than none-- enough is better.</p>
<p><strong>Privacy</strong>: some is better than none-- more is more comfortable.</p>
<p><strong>Safety</strong>: Lifesavers save, learning to swim prevents.</p>
<p><strong>Liberty</strong>: The ability to have my choices respected-- the power to have them honored.</p>
<p><strong>Freedom</strong>: Liberty, in motion.</p>
</font>
</font></div>
<div class="copyFooter"><p align="right"><em><small>© 2019 White Code LLC, Harden IT, <a href="mailto:Aubrey.Harden@hardenit.net">Aubrey Harden.</a> All rights reserved. Explicit consent required for reproduction, derividation or adaptation of website, trade phrase, or any content.<small></div>
</body>
</html>
Security: Some is better than none-- enough is best.
Security: More than enough is good-- enough is best.
Privacy: some is better than none-- more is more comfortable.
Safety: Lifesavers save, learning to swim prevents.
Liberty: The ability to have my choices respected-- the power to have them honored.
Freedom: Liberty, in motion.
Owned resources: practices advice.
Secure. Patch/security/critical/optional, Antimalware/blacklist/heuristic, VPN IPsec, firewall, adblocking/blacklist/behavior, no remember logins
Private. VPN/Ipsec, no sharing WiFi, no broadcast SSID, no device discovery,
Obscure. Obfuscation, anonymization, disable telemetry, disable tracking, disable idents/frequently renew, roll IPs, Tor
Leased resources: practices. Privacy policies, advanced settings, know your rights, enforce rights, minimal, multi-factor, limit information sharing, no remember logins.
There are several significant threats to personal information security online.
1. Google platform / Amazon Alexa --Online Personal Assistants.
https://myactivity.google.com/myactivity
https://www.google.com/maps/timeline
use ad blockers / tracking blockers
firefox - good privacy policy / practices
- Turn off telemetry
- regular updates
- active community with massive testing and user hours
- founded to promote privacy
- compatibility unlikely to be blocked if detected
duckduckgo
great privacy policy - sponsors privacy legislation
https
tracking blockers
privacy badger
behavior-based for unknown threats
privacy policy EFF supports privacy
tor browser
best privacy
unknown vendors / motives / exploits
/ VPN without leaks over Tor if desired.
use an offline personal assistant
2. Social media breaches
a. Personal info set to Public (own worst enemy / oversharing)
- full name on Facebook
- birthdate on Facebook, Instagram, LinkdIn
- maiden name (Facebook, classmates.com)
- family connections (Facebook, familytree)
- check-ins / location (facebook, google)
- bragging about trips (all social media, blogs)
- personal sharing in public (all social media, blogs)
- club/schedule/ work schedule online (all social media, blogs)
- Employer (Facebook, non-reputable resume sites)
- phone number (all social media, craigslist, ubereats, UPS, etc.)
- email address (all social media, resume sites, craigslist, jambajuice, ubereats, etc.)
- phishing games "how much do you know about me..., have you ever..., birthdate name games..." (All social media, Youtube, craigslist)
b. Facebook app platform
- breaches others
- steals pictures, facts
- posts your pictures outside of your sharing settings
c. non-reputable resume sites
d. E-mail chain letters
3. advertiser /robocall/ public records aggregators
- 192.com/people
- 411.com
- www.addressess.com
- anywho.com/whitepages
- arrestfacts.com
- beenverified.com
- checkpeople.com
- dobsearch.com / peoplefinder dob search
- dmv.com
- golookup.com : @ https://golookup.com/support/optout
- findpeoplesearch.com/classic.php
- instantcheckmate.com
- intelius.com
- lexis-nexis
- peekyou.com
- peoplefinders.com
- peoplesearching.com
- peoplesmart.com/find
- people.yellowpages.com/whitepages
- persopo.com
- pipl.com
- publicrecordsnow.com
- radaris.com
- searchbug.com/peoplefinder
- skipease.com
- spokeo
- thatsthem.com
- truepeoplesearch.com
- truthfinder.com
- usapeoplesearch.com
- ussearch.com
- whitepages.com
- verispy.com
- zabasearch.com
- reversecelllookup enle.info?4onD
- netdetective.com
-intuit
-hrblock
- @ lifewire.com/google-people-search
- 1.
remedies ===== removal instructions
ref: onlinesafety.feministfrequency.com/en/#preventing-doxxing
rsaconference.com/writable/presentations/file_upload/hum-t19_hum-t19.pdf
deleteme by abine
TCPA
major advert org opt-outs
robocall defender appliances/services
donotcall.gov stops "legitimate" unsolicited sales calls.
4. public freemail accounts
/ content ownership
/ spam
/ phishing
growing sophistication: closeness in appearance to authentic
solution domain IPs, encryption, throwaway emails, two-factor authentication
5. Android/Microsoft phone settings: games and apps with poor privacy policies
/tracking location
tools: block your number
howto T-mobile, https://www.t-mobile.com/resources/how-to-block-your-number
1 call AT&T *67 [other number] # ||| all calls ON https://www.att.com/olam/passthroughAction.myworld?actionType=ManageVoipFeaturesRedirect&customerType=U all call blocking OFF https://www.att.com/olam/passthroughAction.myworld?actionType=ManageVoipFeaturesRedirect&customerType=U
1 call Verizon *67
all calls verizon https://myaccount.verizonwireless.com/clp/login?redirect=/vzw/accountholder/uc/UCServiceBlocks.action
or my verizon app [ The My Verizon App
Tap the menu in the top left to open it.
Tap Devices.
Find the device you want to add Caller ID Blocking to and tap Manage.
Tap Controls.
Tap Adjust Service blocks.
Find Caller ID Blocking and tap the switch so it's green.] per https://www.verizonwireless.com/support/caller-id-block-faqs/
install Bestee offline Personal Assistant to replace Google.
6. Browser settings / PC leaks.
iPhone/iPsd/iPod https://support.mozilla.org/en-US/kb/install-firefox-your-ipad-iphone-or-ipod
check privacy settings:
Firefox: Options > Privacy & Security
Focus: Options > Privacy & Security
Chrome: chrome://settings/
or [3 dot vertical stack below "x" in upper right-hand corner of window] then Settings > Advanced > Privacy and security
chrome://flags/
chrome://pages/
Chromium
PEOPLE
Normal: Pause/Turn off Google sync.
Normal: Autocomplete: on
enhanced: off
Normal: show suggestions when not found: on
enhanced: off
All: Safe Browsing: on
All: Help improve Safe Browsing: off
All: Help improve Chrome features: off
All: Make Searches and browsing better: off
All: Enhanced spell check: off
AUTOFILL
PASSWORDS
All: Offer to save: off
Auto sign-in: off
PAYMENT METHODS
All: Save and fill: off
Normal: Addresses and more: on/optional
enhanced: addresses and more: off
SEARCH ENGINE
All: search engine used in address bar > select DuckDuckGo
ADVANCED
(last, resets browser) Normal: Allow Chrome sign-in: off
All: Send a do-not-track request.
All: Allow sites to check if you have a payment method saved: OFF
Normal: Preload: on
enhanced: preload: OFF
all: manage certificates: use a certificate
>PRIVACY AND SECURITY
>SITE SETTINGS
>COOKIES
normal: allow: on
enhanced: off
all: keep local: on
all: Block third: on
>LOCATION
all: ask first
>CAMERA
all: ask first
>Microphone
all : ask first
>notifications
all: ask first
>javascript
normal: allow
enhanced: disable
>flash normal: ask first
enhanced: disable
>popups, redirects: off
> background sync: off
OR install Brave for <a href="https://laptop-updates.brave.com/latest/winx64">Windows 64-bit (x64)</a> <a href="https://laptop-updates.brave.com/latest/winia32">Windows 32-bit (w32)</a> <a href="https://laptop-updates.brave.com/latest/osx">macOS (OSX)</a> <a href="https://brave-browser.readthedocs.io/en/latest/installing-brave.html#linux">Linux</a> <a href="https://play.google.com/store/apps/details?id=com.brave.browser&hl=en">Android (Google play)</a> / <a href="https://www.amazon.com/Brave-Software-Browser-Fast-AdBlock/dp/B01M27C0RQ/ref=sr_1_2?s=mobile-apps&ie=UTF8&qid=509 6544343&sr=1-2">Amazon Store</a><a href="https://geo.itunes.apple.com/us/app/brave-web-browser/id1052879175?mt=8">iPad, iPhone, iPod (Apple store)</a>
Edge: Settings > Advanced settings
Safari: Preferences > Security and Preferences > Privacy
Opera:
7. Malware
It seems Kaspersky Labs leaked to Russia / Russian intelligence
=======solutions
antivirus - refs https://av-test.org/ GmbH (german company)
https://www.av-comparatives.org/list-of-av-testing-labs/
toms-hardware guide benchmarks
other site benchmarks
antiransomware
antiphish
8. Network Hackers
wifi
<ul>wifi tools <li><a href="https://www.netspotapp.com/features.html">NetSpot</a> Free for <a href="https://play.google.com/store/apps/details?id=com.etwok.netspotapp&referrer=utm_source%3Dnetspotapp%26utm_medium%3Dbanner">Android</a>, <a href="https://cdn.netspotapp.com/download/Win/NetSpot.exe">Windows</a> (with <a href="https://www.deploymaster.com/dotnetfx.html">.NET 4.5+</a> required), or <a href="https://cdn.netspotapp.com/download/NetSpot.dmg">Mac (OSX 10.6.8 - 10.12 Sierra )</a>
<li><a href="">Wireshark </a> for <a href="https://2.na.dl.wireshark.org/win64/Wireshark-win64-3.0.1.exe">Windows 64-bit (x64)</a>, <a href="https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.0.1.exe">Windows 32-bit (w32)</a>, <a href="https://2.na.dl.wireshark.org/win32/WiresharkPortable_3.0.1.paf.exe">PortableApps (32-bit)</a> (for the <a href="https://portableapps.com/download">PortableApps Platform</a>), or <a href="https://2.na.dl.wireshark.org/osx/Wireshark%203.0.1%20Intel%2064.dmg">MacOS 10.12 and up (x64)</a> or <a href="https://www.wireshark.org/download.html#thirdparty">most any Linux/Unix 3rd distro</a>
soho routers [type cmd at the start menu in Windows or load your MacOS terminal or Linux terminal how to access/default user pass list/phone scan app and port list]
cell-phone device hackers
IMSI catchers<a href="https://theintercept.com/2016/09/12/long-secret-stingray-manuals-detail-how-police-can-spy-on-phones/">Harris brand Stingray II can simulate up to 4 4G or 3G towers at a time.</a> When tested, fake-cell systems beat anti-fake cell apps <a href="https://www.wired.com/story/stingray-detector-apps/">https://www.wired.com/story/stingray-detector-apps/</a> Such as <a href="https://apkpure.com/darshak/com.darshak/download/2-APK">Darshak for Android</a>, <a href="https://play.google.com/store/apps/details?id=com.skibapps.cellspycatcher&hl=en_US">Fake cell-tower Catcher for Android</a>
Cell-phone fake cell-tower manufacturers claim their products can <a href="https://info.publicintelligence.net/Gamma-GSM.pdf">create bubbles where services are denied without the cell-user ever knowing, intercept, redirect, and create fake calls and text messages. https://info.publicintelligence.net/Gamma-GSM.pdf</a> <a href="http://sovworks.com/eds/">for Android</a>, and <a href="https://itunes.apple.com/us/app/crypto-disks-store-private/id889549308/"> iOS </a>
Straighttalk block own 1 call *67
modems
default usernames and passwords, wireless repeaters, directional antennaes
passwords
firewalls zoneAlarm still recieves top marks, Windows Firewall better than none.
anti-malware / antivirus / antiphishing Windows Defender, Bitdefender/ZoneAlarm (AVG), Malware Bytes anti-ransomware beta
drive encryption <a href="https://www.veracrypt.fr/en/Downloads.html">Veracrypt. Simple, open, free with donations accepted. AES, full-disk.</a>
man-in-the-middle / TLS
=====Solutions
VPN
====many VPNs tied to China / Chinese intelligence, especially free VPNs
Free: ProtonVPN, Ghostery, OperaVPN
Our trusted list: NordVPN
ExpressVPN
IPsec
strong passwords/ password manager
(keepassXC or Keepass 2.42)
multi-factor authentication
proper use of Airplane mode / network discovery
tethering / hotspot creation
9. Advertisers and scams
donotcall.gov stops legitimate telemarketers
FTC.gov/abuse / fraud --- report illigitimate telemarketing scams
1-877-FTC-HELP ftc.gov/robocalls
FCC
"prescreened" loan and insurance offers
To opt out for five years: Call toll-free 509 6544343-OPT-OUT 509 6544343
or
visit www.optoutprescreen.com
and
return the signed Permanent Opt-Out Election form above.
or
Experian
Opt Out
P.O. Box 919
Allen, TX 75013
and
TransUnion
Name Removal Option
P.O. Box 505
Woodlyn, PA 19094
and
Equifax, Inc.
Options
P.O. Box 740123
Atlanta, GA 30374
and
Innovis Consumer Assistance
P.O. Box 495
Pittsburgh, PA 15230
Include Full Name, telephone number, social security number, birthdate.
10. Product registrations / bad business / grift
BBB.org
Attorney Generals office
credit card company fraud
Credit freeze / identity theft insurance / identity theft protection
talk about mail / phone / email / websites
credit cards limits of liability
debit card limits of liability
prepaid cards
paypal
visapay / etc.
e-wallets
read about data de-anonymization
https://spreadprivacy.com/data-anonymization/
read about secure internet connections
https://spreadprivacy.com/secure-web-connection/
==================
TOP PRIORITY:
affects all Android users, chrome users, gmail users, etc.
"OK Google, delete all those recordings you made of me without my permission."
myactivity.google.com login>activity>[three bars menu] delete activity by>delete by date>"All time">delete>delete
Activity controls > web and app> manage> pause (slider)
> location > manage > pause
> Youtube watch
> Youtube search
>Ads > ad personlization > off
Security>Google apps with account access>remove most
>data and personalization>wb and app activity> manage> choose to delete automatically > 3 months
=================
Data storage, security, recovery
recuva by piriform to recover files - forensic software for system restoration
encrypt SDCards and storage on Android phones
encrypt drives in Windows
bitlocker built-in
safer alternative ?
encrypted cloud storage most secure
mega
network security, privacy
password guidelines not generators, yes managers,128-bit, 256-bit AES, haveibeenpwned, strength-checker
antivirus - labs/results
antimalware - pc / tablet malwarebytes antiransomeware
browser security privacy reviews firefox, eff browser extensions, duck-duck-go, avira
VPN tls, onion-over-ip, obfuscation
privacy disposable email, encrypted freemail, disposable phone numbers
people search databases/data aggregation doxing
data breaches
Doxing & swatting
removal services - removal process
Deletme by albine is recommended by other Security researchers. We do not endorse them as we offer similar services for a fee alongside our directions for DIYs. We do consider Albine Deleteme a viable alternative to our services based upon reputation, method, and the quality of their other products. Most other paid services known to us offer "deletion" by hacky automatic scripts. We use manual requests and proprietary non-automatic tactics as parts of a strategy to produce a persistent and progressive privacy improvement.
government websites
TCPA
Information sharing and preferences / Rights management
advertising opt-outs
do-not-call.gov
http://www.aboutads.info/choices/
disable voice operated PIMs (how to privacy https://venturebeat.com/2019/04/16/how-to-prevent-alexa-cortana-siri-google-assistant-and-bixby-from-recording-you/ KYLE WIGGERS@KYLE_L_WIGGERS APRIL 16, 2019 6:30 AM)
android phone Wiser, 2014-present. Privacy policy is of concern. Free
"Grand Launcher" simplifies system, voice mode for blind. Made by Mariusz Bednarczyk (free 1 week/$1.99)
enabling/using digital personal assistants
@@ Hey, Bestee https://heybestee.com/ Offline:Private works w limited permissions
- android
Data bot app
Hound / SoundHound
lyra
Robin
Siri Apple (iOS/Mac built-in)
"OK Google" Google Assistant (Google Android Built-in)
smart voice assistant
"Hey, Cortana" Cortana - Windows (Windows built-in)
Alexa - Amazon
Bixby - Samsung
Voice controls/tools
Soundhound - discover music by singing or humming a sample
Read Aloud Browser addon for Chrome. Reads web-pages reasonably well, adjustable accent, tone, speed. Free, works well.
Dictation (speech to text)
communication enhancement
video calls/ videochat
Skype
Apple Facetime
Google Duo
Facebook video chat
Social media platforms: NEVER share when you're out-of-town, dis FB apps, no check-ins GPS
Instagram (https://www.makeuseof.com/tag/how-to-schedule-posts-on-instagram/)
Snapchat
Tumblr
TikTok
Pintrest
Harden IT offers solutions to meet your present and future needs.
"We make things work for people." TM
1 in 9 People just had their data breached 8-March-2019
https://nordvpn.com/blog/verifications-io-breach-800-million/
Earlier Breaches, Check your email for breached passwords
https://haveibeenpwned.com/
Firefox is only full-function browser with decent user privacy defaults. (Disable telemetry in settings).
chrome steals data, tracks across devices
opera steals data, tracks even when tracking is "off"
Edge constantly sends tele
Internet Explorer, MS exec says "not to be used."
HTTPS everywhere plugin
https://www.eff.org/https-everywhere at minimum
Privacy Badger plugin
https://www.eff.org/privacybadger
DuckDuckGo plugin
https://www.duckduckgo.com
<p>KeePassXC
<br>https://www.keepassxc.org
<p>KeePass
<br>https://keepass.info
<br> add HaveIBeenPwnd (HIBP) plugin.
<br>https://github.com/andrew-schofield/keepass2-haveibeenpwned
<p>Credit Karma free credit monitoring (use only over VPN/encrypted connections)
<br>http://www.creditkarma.com
<p>Adgaurd (scroll to the bottom for Betas)
<br>https://adguard.com/en/welcome.html
Physical Security
FIND YOUR PHONE
https://ievaphone.com/call-my-phone Good privacy policy
CLOUD STORAGE
overall sync. end-to-end, Canadian privacy laws, 256 AES TLS
free: Mega has more features, ease of use 128-bit AES
messaging
secure browser
max secure: tresorit is most secure 256 AES
compatibility: pcloud has decent security, high compatibility, low price: sync any folder, P:drive 256 AES and TLS
StrongSwan app for Android IPSec with IKEv2, 128-bit AES over NordVPN
NordVPN runs a vast, fast, and highly secure network. NordVPN allows connection of up to 6 devices with unlimited bandwidth, has a low price and high trust rating. It is one of few not tied to Chinese hackers and operates in a virtually warrantless jurisdiction. It offers touch-button optional Onion over IP (tor network tunnel), obfuscation (de-regionalization), double-encryption, high-encryption, and free certificate (TLS) for strongSwan to set up IKEv2 128-bit AES with TLS IPSec. It is lowest in price amongst paid VPNs and is either the second-fastest or fastest of all depending upon market and who you're asking. 3-year special rate is under $4/ month.
Russian hacking, North Korean hacking, and Chinese hacking have compromised many resources from time to time and presently.
We recommend thoroughly investigating any free VPN apps and checking against a reputable list of Chinese owned/connected VPN companies. A survey found 90% [cite] of the most popular VPN apps had such connections. Kaspersky antivirus has appearantly been supplying Russian Intelligence. Facebook was slow to respond to Russian bot-posts and targeted ads intended to disrupt the free and democratic election process of these sovereign United States of America.
Protonmail is based in Switzerland which makes digital privacy rights the legal default. Protonmail doesn't require personally identifiable information to create a free account with end-to-end encrypted email. The Android app is clean, small, and light.
Proton company also offers a free VPN connection with limited access to their servers (i.e. 1/1,000), and a strict limit on monthly data (throughput limit).
==================
SOCIAL MEDIA
facebook privacy checkup https://www.facebook.com/help/443357099140264/
8 steps to secure your facebook privacy https://www.abine.com/blog/2019/8-steps-to-secure-your-facebook-privacy-settings/
--f-droid open source android apps
routers and switches prebuilt security configs.
windows policy tools
iPhone myths
=============================================================================================
Privacy policy: This is a hosted page. Ionos may track or print you if you do not take precautions. Harden IT does not control Ionos. ccording to Ionos, Ionos cookies do not contain personal information. Ionos claims their log file data does not link to personally identifiable information. Ionos uses Google analytics. This poses some privacy concerns. https://www.ionos.com/terms-gtc/terms-privacy/#c810
Harden IT does NOT use this website to collect ANY information about you EVER.
Harden IT does NOT sell personal information. Period.
Harden IT will NOT share your information without your express permission or without service of a legal warrant (and we are unlikely to have anything much to share in such a case). We may generate a client list, interest list, accounts recievable and accounts payable, class list, or group list for ordinary and customary business as we present it. We do NOT participate in data mining, NOR trade in personal information.
Cookie policy: Harden IT may generate cookies to allow you to set your preference for presentation of information. We do not use them for any other purpose.
Financial disclosures:
Harden IT does not participate in click-based advertising schemes or any affiliate programs-- all recommendations made are our best efforts to provide a more useful, safe, and private world, with special attention and focus on the user experience of the World Wide Web.
session-creation vulnerabilities and interventions--- clients detection and prevention of evil-twins, wireshark, stingray, etc.
</pre>
</div>
<div><font face="sans-serif">
<ul><strong>Passwords and Password Basics</strong>
<li>Pins, passwords, keys, passphrases, and ciphers are all ways to secure something-- data, devices,
<li>DO set passwords/pins for all users on all machines. Never let your system automatically login whether it's a PC or a flip phone.
<li>Any password is better than none at all: a question mark ("?"), a slash ("/"), or "55555" is better than nothing at all. "?" is 8-bits, which means there is a 1/256 chance of guessing randomly, or a 1/69 chance in guessing it by pressing a random key. A brute-force password cracker can break this password almost instantly.
<li>Portable devices are much more vulnerable to physical compromise, but any internet-connected device is vulnerable to local threats such as neighbors and war-drivers, regional threats such as L.A. to New York and international threats from Somalia, to Russia, to China, to N.Korea. There is no strong national hacking defense and virtually no international laws prohibiting any government from infliltrating computer systems of people in other countries, nor any strong enforcement of existing laws. The European Union has strong privacy laws within their jurisdiction which apply to companies operating within their boundaries. Generally, internet threats are boundless.
<li>Set <b>unique</a> passwords for each resource such as computer, card, or online account
<li>A password managers assists in safely storing and organizing accounts and passwords and some can automatically enter them into websites and things for convenience. Harden-IT shares <a href="https://ssd.eff.org/en/module/how-use-keepassxc">EFF.org's</a> recommendation for password manager, <a href="https://keepassxc.org/"><em>KeepassXS</em></a>, a better supported fork of <a href="https://www.keepassx.org/">KeepassX</a>, a cross-platform fork of <a href="https://keepass.info/download.html">Keepass (v1.x)</a>. <a href="https://keepass.info/download.html">KeePass 2.42.1</a> is recommended as an alternative to KeePassXC.
<li>Change default passwords on all devices such as <a href="https://www.router-reset.com/default-password-ip-list">routers</a> <a href="https://bestvpn.org/default-router-passwords/">(alt. router default password list)</a>, <a href="https://www.att.com/esupport/article.html#!/wireless/KM1000485?gsi=boks9l">cell phones</a>,
<li>Strong passwords are better than weak passwords.
<li>Cryptographically, "longer is stronger." Complexity is a function of length and entropy.
<br>"Entropy" means randomness.
<br><b>?</b> has 3-bits of entropy in 1 character.
<br><b>D%v#9g4Q</b> has 26-bits (2<small><sup>26</sup></small>) of entropy,
<br><b>Longer is stronger.</b> has 42-bits, which is more than 65,500 times stronger than 26-bits,
<br>and <b>In case of emergency, dial 911</b> has 81-bits, which is reasonably secure against most attackers.
<br>Password resources<a phref="https://ae7.st/g/what.html">What is entropy in passwords?</a>and a <a href="https://ae7.st/g/test.html">password practice toy with entropy guage</a>via<a href="https://twitter.com/AaronToponce">@AaronToponce</a>. Avoid using any old password listed by this <a href="https://haveibeenpwned.com/Passwords">hacked password checker <small>https://haveibeenpwned.com/Passwords</small></a>. Be sure any new password is not on a <a href="https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt">password list</a> used by hackers. No matter their length, or entropy, any password on one of these lists should be considered likely to become compromised.
<br>
<p> <center>HARDEN IT, LLC IS NOT CURRENTLY ACCEPTING NEW CLIENTS</center></p>
<font size="-1">
<p><strong>Security</strong>: some is better than none-- enough is better.</p>
<p><strong>Privacy</strong>: some is better than none-- more is more comfortable.</p>
<p><strong>Safety</strong>: Lifesavers save, learning to swim prevents.</p>
<p><strong>Liberty</strong>: The ability to have my choices respected-- the power to have them honored.</p>
<p><strong>Freedom</strong>: Liberty, in motion.</p>
</font>
</font></div>
<div class="copyFooter"><p align="right"><em><small>© 2019 White Code LLC, Harden IT, <a href="mailto:Aubrey.Harden@hardenit.net">Aubrey Harden.</a> All rights reserved. Explicit consent required for reproduction, derividation or adaptation of website, trade phrase, or any content.<small></div>
</body>
</html>
Tools / Resources
Tools / Resources
Windows Free
KeePassXC
ZoneAlarm
antimalware
Firefox
duckduckgo
privacy badger
AdBlocker
Bitdefender
ProtonVPN
ProtonMail
strongSwan
Veracrypt
Tor Browser
Android Free
Firefox
ProtonVPN
duckduckgo
privacy badger
strongSwan
ProtonMail
InstAddr
Signal
Bestee
Cryptify
2ndLine
SwiftKeyboard
Tor Browser
cell spy catcher