End-user Computer Securitysim
Inexpensive security
|
for
|
⦾ individuals
⦾ sole traders
⦾ small businesses
|
- Main content
| Chapter 2: | Passwords and digital keys |
| Chapter 3: | Wireless Communications |
| Chapter 4: | Digital storage |
| Chapter 5: | Some measures that are primarily physical |
| Chapter 6: | Mind-reading attacks |
| Chapter 7: | Simple security measures |
| Chapter 8: | Broad security principles |
| Chapter 9: | What to do when you discover your computer has been hacked |
| Chapter 10: | Miscellaneous notes |
- Appendix
| Part 1: | New security inventions requiring a non-trivial investment in new technology |
| Part 2: | Example set-ups & implementations |
| 2FA | [see ╱2-factor authentication] |
| 2-factor authentication (2FA) | [see ╱multi-factor authentication╱2-factor authentication] |
| 2nd hand | [see ╱second hand] |
| 33c3 | [see ╱33rd Chaos Communication Congress] |
| 33rd Chaos Communication Congress (33c3) | [see ╱33rd Chaos Communication Congress] |
| 3D (3D means three dimensional) |
| 3D-optimised hardware | [see ╱hardware╱3D-optimised hardware] |
| minimally-above-average security (broad security principle) | [see ╱broad security principles╱minimally-above-average security] |
| age of software, and devices |
| old mobile phone, mobile device (cf. §”Old or new phone”) |
| old version of software (cf. §”Vulnerability when used for software”) |
| average security | [contrasts with ╱above-average security] |
| account security for your email account | [see ╱electronic mail╱email account security] |
| acetone as a glue solvent | [see ╱glue╱glue solvents╱acetone] |
| administrator account | [see ╱operating system╱operating-system login account╱administrator account] |
| adversary | [related to ╱computer security attack╱threat model] |
| affordable | [see ╱costs╱affordable] |
| artificial intelligence (AI) |
| AI | [see ╱artificial intelligence] |
| algorithms | [see ╱programming╱algorithms] |
| alphabet | [see ╱language╱alphabet] |
| Andrew "bunnie" Huang | [see ╱persons (individuals named in book)] |
| Android (Android operating system for mobile devices) | [see ╱operating system╱different operating systems] |
| amnesia and security in spite of it | [see ╱security in spite of amnesia] |
| antivirus software on Android |
| app (type of software program) |
| Google Authenticator (key- and time- based app) |
| Archimedes’ principle | [see ╱physical properties╱volume] |
| asymmetric cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| ‘at rest’ security location |
| ‘at rest’ shape retention (cf. §“Perhaps the simplest and best idea”) |
| attack (computer security attack) |
| different classes of attack |
| hardware hacking attack | [see ╱hack╱security hacking╱hardware hacking.] |
| health attack (eg. causing fatigue, concentration/memory loss, by use of directed non-lethal energy weapons) |
| man-in-the-middle (MITM) attack |
| mind-reading psychic attack |
| ‘Inception’ styled attacks |
| VDU signal interception attack |
| malicious sneaky replacement of full-disk encryption system with historic clone of system that has known vulnerabilities |
| bootloader (of computer system) |
| further writes to optical discs that are otherwise seemingly read-only |
| multi-booting (cf. §”Which OS?”) “...There is unlikely much point in dual-booting between Windows and Linux because if Windows is hacked,...” (cf. §”Qubes OS 4.0.3 side-by-side with other operating systems”) “...any such other OS should not be able to access or even ‘touch’ the Qubes OS installation, thereby hopefully safeguarding the Qubes installation from attacks conducted through the other presumably-less-secure OS.” |
| random access memory (see §”Magnetic storage: tapes vs. discs”) |
| attack window (cf. §Using_most_secure_window_of_time) | [see ╱window of time╱attack window] |
| (cf. §”Rewritable media vs optical ROM discs”] |
| “destroy key when attacked” | [see ╱keys╱digital key╱“destroy key when attacked”] |
| auditing source code | [see ╱programming, coding, reprogramming╱source code╱auditing source code] |
| authentication keys | [see ╱key╱digital key╱authentication key] |
| cross authentication of public-key-cryptography (aka asymmetric cryptography) |
| security certificates | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱security certificates╱cross authentication] |
| measuring physical properties for authentication |
| testing for security authentication | [see ╱testing] |
| auto-power-off of laptop | [see ╱powering computer systems╱automatic powering off of the laptop] |
| automatic powering off of the laptop | [see ╱powering computer systems╱automatic powering off of the laptop] |
| backup, back-up (computer backup) |
| backing-up before factory reset |
| backing-up files (computer files) |
| after discovery of having been hacked |
| backing-up security keys and passwords | [contrasts and can complement ╱key╱digital key╱destroying keys] |
| bad blocks (on digital storage media) | [see ╱digital storage╱media╱bad blocks] |
| balance-of-probabilities | [see ╱probability╱balance-of-probabilities] |
| banking (financial banking) | [see ╱financial╱banking] |
| bare bones | [see ╱systems╱properties╱bare bones] |
| Basic Input Output System (BIOS used in computer boot sequences) | [see ╱boot╱bootloader╱first-stage boot loader] |
| ‘bells and whistles’ | [see ╱systems╱properties╱‘bells and whistles’] |
| best practice (perhaps not complete) |
| for creating a read-only CD or DVD |
| for backing-up files after being hacked |
| BIOS | [see ╱Basic Input Output System] |
| Bitcoin | [see ╱financial╱currency╱cryptocurrency╱different currencies╱Bitcoin] |
| blackbox | [see ╱systems╱properties╱blackbox] |
| Bluetooth | [see ╱communication╱wireless communication╱types╱Bluetooth] |
| boot (computer’s startup sequence) |
| first-stage boot loader (such as in BIOS or UEFI) |
| not requiring second stage |
| Heads (built on top of Coreboot technology) |
| second-stage boot loader (no content at present) |
| cold, or warm booting (warm boot is also known as soft off/boot) |
| cold boot | [see ╱powering computer systems╱system power states╱powered-off] |
| soft off/boot, warm boot | [see ╱powering computer systems╱system power states╱soft off/boot, warm boot] |
| Boots photo printing (UK) | [see ╱business╱online printing businesses] |
| braille | [see ╱language╱braille] |
| brain-reading | [see ╱mental╱mind reading╱brain reading] |
| broad security principles |
| “destroy key when attacked” | [see ╱data destruction╱“destroy key when attacked”] |
| geospatial-based broad security principles |
| measuring physical properties for authentication | [see ╱authentication╱measuring physical properties for authentication] |
| minimally-above-average security |
| ordering many units of same product | [see ╱order, ordering╱ordering many units of same product] |
| preventing lapses in security |
| publishing security methods |
| relying on high production cost of certain security tokens |
| report cyber-crime to the police | [see ╱report, reporting╱report cyber-crime to the police] |
| stop funding the spies and hackers |
| think in terms of gradual movement along a security-level continuum |
| time-based broad security principles |
| “based on time passed” security principle |
| “based on time taken to forge” security principle |
| using most secure window of time |
| user randomly selecting unit from off physical shelves | [see ╱business╱shop╱physical shop╱physical shelves] |
| browser for web/internet | [see ╱web/internet browser] |
| building software | [related to ╱programming] |
| build from source, compile from source |
| detecting malware by using reproducible builds | [see ╱malware╱detecting malware in source code╱by using reproducible-builds protocol] |
| bubble wrap | [see ╱shape flexibility╱bubble wrap] |
| budget (financial constraint) | [see ╱costs╱financial constraints] |
| budget (cheap) | [see ╱costs╱cheap] |
| burning, burn (writing CDs, DVDs, etc.) | [see ╱hardware╱drives and readers╱optical disc drive╱optical disc writers╱writing optical discs╱optical disc writers╱writing optical discs] |
| burner phones | [see ╱phones╱mobile phones╱burner phones] |
| business (intersects with manufacturer, producer) |
| business models (no content at present) |
| open-source vs. closed-source (no content at present) |
| company registration number |
| company registered office |
| names of different businesses named in book |
| GitHub | [see ╱systems╱collaborative development╱GitHub] |
| online printing businesses |
| user randomly selecting unit from off physical shelves (broad security principle) |
| camera | [related to ╱photography] |
| card readers for SD cards | [see ╱hardware╱digital-storage hardware╱drives and readers╱card readers for SD cards] |
| cardboard | [see ╱materials╱cardboard] |
| cardboard “restricted viewing enclosure” | [see ╱view restriction╱cardboard “restricted viewing enclosure”] |
| compact disc | [see ╱digital storage╱media╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱optical╱CDs] |
| certification authorities (for public-key-cryptography security certificates) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱security certificates╱certification authorities╱] |
| certificates for security based on public-key cryptography (aka asymmetric cryptography) | [see ╱security certificate for public-key cryptography] |
| channels (purchase channels) | [see ╱purchasing╱purchase channels] |
| changing passwords and keys |
| changing password to one previously used | [see ╱password╱password reuse] |
| changing encryption keys frequently in FDE | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption╱frequent changing of encryption keys] |
| China | [see ╱countries mentioned in book╱China] |
| Chaos Communication Congress | [see ╱organisations and businesses╱names of non-business organisations╱Chaos Communication Congress] |
| ChromeOS | [see ╱operating system╱different operating systems] |
| Chromebook, Chromebox, Chromebit | [see ╱personal computer╱different “ready-to-run” PCs marketed as products╱Chromebook, Chromebox, Chromebit] |
| Chrome web browser | [see ╱web/internet browser] |
| Cipher | [see ╱cryptography, cryptographic╱cipher] |
| client (in server-client computing model) | [see ╱server-client computing model╱client] |
| cling film | [see ╱materials╱transparent material╱cling film] |
| cloned physical key | [see ╱key╱physical key╱cloned key] |
| closed/open source | [see ╱open/closed source] |
| clouds | [see ╱cloud computing╱clouds] |
| cloud computing | [related to ╱server-client computing model] | [related to ╱sandboxing] |
| Oracle Cloud | [see ╱Oracle╱Oracle Cloud] |
| code (source code) | [see ╱programming╱source code] |
| coding (programming) | [see ╱programming] |
| cognitive power | [see ╱mental╱cognitive power] |
| coin tossing | [see ╱random╱generating randomness╱coin tossing] |
| collaborative development | [see ╱systems╱collaborative development] |
| comparing files (computer files) | [see ╱file╱file comparison] |
| 'complete fake' attacks (computer security attack) | [see ╱attack╱different classes of attack] |
| computer screen lock/locking (aka screensaver lock) |
| computer security attack | [see ╱attack] |
| zero-knowledge authentication protocol |
| communication protocols for computing devices |
| protocols that are also standards |
| for wireless communication |
| NFC (Near-Field Communication) |
| Hypertext Transfer Protocol Secure (HTTPS) | [related to ╱Transport Layer Security] |
| Transport Layer Security should be added here? |
| communicating trust in “proofs of work” associated with cryptocurrencies |
| devices used for communication? |
| file transfer, file transmission, sending files | [see ╱file╱file transfer, file transmission, sending files] |
| gazettes as a means for overcoming MITM attacks |
| interception of communication in MITM attacks |
| family of attacks (blocking comms, imposture, stealing/spying of confidential information) |
| modes of message-based communication |
| email account security (email account security) |
| cf. two-step security for Google account |
| importance of electronic-mail account security (cf. §“National Cyber Security Centre”) |
| email encryption | [covered under ..╱email security] |
| email security (email security) | [related to ..╱email account security] |
| PGP (Pretty Good Privacy) cryptography for email security (could perhaps do with more content here, cf. Main_content╱Broad_security_principle#Example_2) |
| encrypting emails (no content at present) |
| digitally signing emails (cf. Main_content/Broad_security_principles#Example_2) |
| PGP cryptography in general | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱Pretty Good Privacy cryptography] |
| software for communication |
| OEM software as a means for communicating software to end-users? |
| printing as part of communication process |
| add public-key cryptography? |
| of files (no content at present) (╱file╱file/file transfer, file transmission, sending files╱secure communication of files) (cf.Appendix invention). |
| of public keys? Non-compromised communication of public keys. (cf. Appendix invention). |
| of security certificates by pre-installing them on computing devices? |
| of passwords? (flavour-encoding, etc.) (cf. Appendix invention) |
| add website publishing here? |
| server-client model vs. peer-to-peer model, for communications |
| wireless/wired communication |
| WiFi protocol | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱WiFi] |
| WiFi network | [see ..╱..╱..╱networks╱WiFi network] |
| WiFi router | [see ╱hardware╱router╱WiFi router] |
| NFC (Near-Field Communication) |
| NFC protocol | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱NFC] |
| Bluetooth protocol | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱NFC] |
| WiFi router | [see ╱hardware╱router╱WiFi router] |
| serial/parallel port (no content at present) |
| conscious thoughts | [see ╱mental╱conscious thoughts] |
| company (business) | [see ╱business, company] |
| compile | [see ╱building software╱compile] |
| combination lock briefcase |
| computer operating costs | [see ╱costs╱operating costs╱computer operating costs] |
| computer security standards | [see ╱cybersecurity standards] |
| Coreboot (BIOS/UEFI boot firmware system) | [see ╱boot╱bootloader, first-stage boot loader] |
| affordable | [related to ..╱cheap] (cf. UV tinting of already-owned glasses) |
| cheap (cf. low cost, cf. low price, cf. paper-based scrambler [which is cheap], cf Report cybercrime to the police) | [because OEM software is often cheap means for obtaining software, related to ╱software╱OEM software] [because open source is often cheap, associated with ╱open/closed source╱open source] |
| relying on high production cost of certain security tokens (broad security principle) | [see ╱broad security principles, relying on high production cost of certain security tokens] |
| financial constraints, budget | [related to ..╱affordable] | [see ╱financial, financial constraints] |
| stop funding the spies and hackers (broad security principle) | [see ╱broad security principles╱stop funding the spies and hackers] |
| countries mentioned in book |
| Netherlands | [see ..╱Holland] |
| COVID-19 | [see ╱coronavirus disease] |
| cracking passwords | [see ╱password cracking] |
| crime reporting to the police, for cyber-crime | [see ╱report, reporting╱report cyber-crime to the police] |
| cross authentication of digital security certificates | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱security certificates╱cross authentication] |
| cryptocurrencies/cryptocurrency | [see ╱financial╱cryptocurrency] |
| cryptography, cryptographic |
| Algorithms | [covered under ..╱protocols and algorithms] |
| cryptocurrencies/cryptocurrency | [see ╱financial╱cryptocurrency] |
| full-disk encryption (FDE) | [see ..╱full-system encryption, full-disk encryption] |
| encrypting emails using PGP security | [covered under ..╱protocols and algorithms╱public-key cryptography╱Pretty Good Privacy cryptography╱PGP cryptography for email security] |
| encrypting a full system, a full disk | [see ..╱full-system encryption, full-disk encryption] |
| encryption using passwords | [see ╱password╱password encryption] |
| FDE | [see ..╱full-system encryption, full-disk encryption] |
| full-system encryption, full-disk encryption (FDE) |
| frequent changing of encryption keys |
| password encryption | [see ╱password╱password encryption] |
| asymmetric cryptography (aka public-key cryptography) | [see ..╱public-key cryptography╱] |
| public-key cryptography (aka asymmetric cryptography, using public-private key pair, digital cryptography) |
| cryptocurrencies/cryptocurrency | [see ╱financial╱cryptocurrency╱public-key cryptography] |
| digital signing/signatures of files (no particular content at present) |
| security by pre-loaded private key | [see ╱systems╱design╱security by pre-loaded private key] |
| Pretty Good Privacy (PGP) cryptography |
| PGP cryptography for email security | [see ╱electronic mail╱email security╱PGP cryptography for email security] |
| GNU Privacy Guard (GPG) | [see ╱software tools, software utilities╱cryptography╱GPG] |
| Transport Layer Security (TLS) | [related to ╱Hypertext Transfer Protocol Secure] |
| TLS security certificates |
| certification authorities |
| TLS security certificates | [see ..╱..╱..╱Transport Layer Security╱TLS security certificates] |
| signing/signatures | [see ..╱digital signing/signatures] |
| security certificates for public-key-cryptography (aka asymmetric-cryptography) authentication | [see ..╱protocols and algorithms╱public-key cryptography╱security certificates] |
| security tokens for public-key cryptography | [see ╱security tokens╱security tokens for public-key cryptography] |
| Google Authenticator (key- and time- based app) | [see ╱app╱Google Authenticator] |
| cryptographic software tools, software utilities | [see ╱software tools, software utilities╱cryptography] |
| full-system encryption | [see ..╱full-system encryption, full-disk encryption] |
| tokens for public-key cryptography | [see ╱security tokens╱security tokens for public-key cryptography] |
| currency | [see ╱financial╱currency] |
| cybersecurity standards | [see ╱standards╱standards for security╱cybersecurity] |
| ‘data at rest’ | [see ╱‘at rest’ data] |
| data destruction | [contrasts and can complement ╱backup╱] |
| “destroy key when attacked” | [contrasts and can complement ╱backup╱backing-up security keys and passwords] |
| crypto shredding | [contrasts and can complement ╱backup╱backing-up security keys and passwords] |
| deleting files | [see ╱file╱file deletion] |
| design of systems | [see ╱systems╱design] |
| “destroy key when attacked” (broad security principle) | [see ╱broad security principles╱“destroy key when attacked”] |
| destructive measuring | [see ╱measuring method types] |
| detecting malware in source code | [see ╱malware╱detecting malware in source code] |
| deteriorate (cf. deterioration in factory resets) |
| deterioration due to frequent changing of encryption keys in FDE | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption╱frequent changing of encryption keys] |
| imitation diamonds (see dedicated index entry) |
| dice (rolling dice) | [see ╱random╱generating randomness╱rolling dice] |
| diffraction | [see ╱optical effects] |
| diff | [see ╱software tools, software utilities╱file comparison╱diff] |
| diffoscope | [see ╱software tools, software utilities╱file comparison] |
| digital camera | [see ╱camera╱digital camera] |
| digital certificates for security based on public-key cryptography (aka asymmetric cryptography) | [see ╱security certificate for public-key cryptography] |
| digital signing/signatures | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱digital signing/signatures] |
| microchip-based computer memory (hardware-based) |
| ROM (Read-only Memory) | [see ╱memory╱ROM] |
| RAM (Random-access Memory) | [see ╱memory ╱RAM] |
| flash memory | [see ╱memory╱flash memory] |
| non-microchip-based memory (hardware-less) |
| all types, alphabetical listing |
| compact disc (CD) | [see ..╱..╱Random-access Memory╱dis(c|k)-based╱optical/compact disc] |
| digital versatile disc (DVD) | [see ..╱..╱Random-access Memory╱dis(c|k)-based╱optical╱digital versatile disc] |
| floppy disk | [see ..╱..╱Random-access Memory╱dis(c|k)-based╱magnetic╱floppy disk] |
| hard disk drive (HDD) | [see ..╱..╱Random-access Memory╱dis(c|k)-based╱magnetic╱hard disk drive] |
| holographic data storage | [see ..╱..╱Random-access Memory╱holographic data storage] |
| magnetic-optical tape | [see ..╱..╱Sequential-access Memory╱tape╱magnetic-optical] |
| magnetic-optical discs | [see ..╱..╱Random-access Memory╱dis(c|k)-based╱magnetic-optical╱magnetic-optical discs] |
| magnetic tape (eg. cassette tapes) | [see ..╱..╱Sequential-access Memory╱tape╱magnetic] |
| optical tape | [see ..╱..╱Sequential-access Memory╱tape╱optical] |
| SAM | [see ..╱Sequential-access Memory] |
| Sequential-access Memory (SAM) |
| drives for such media | [see ╱hardware╱digital-storage hardware╱drives and readers╱tape drives] |
| RAM | [see ..╱Random-access Memory] |
| Random-access Memory (RAM) |
| optical ROM (read-only memory) discs | [read-only CDs, read-only DVDs, etc.] |
| writing (aka burning) optical ROM discs |
| as live DVDs, or live CDs |
| burner for such media | [see ..╱writer for such media] |
| digital versatile disc (DVD) |
| drive for such media | [see ╱hardware╱digital-storage hardware╱drives and readers╱optical disc drives] |
| writer (burner) for such media | [covered under ..╱‘drive for such media’] |
| drive for floppy disks | [see ╱hardware╱digital-storage hardware╱drives and readers╱floppy disk drive] |
| holographic data storage (no information at present) |
| hardware | [see ╱hardware╱digital-storage hardware] |
| full-disk encryption (FDE) | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption] |
| DIY | [see ╱Do It Yourself] |
| DIY ultrasound imaging kit | [see ╱physical properties╱images] |
| DIY security principle (broad security principle) | [see ╱broad security principles╱DIY security principle] |
| drives (computer drive) and readers (card readers for computer systems) | [see ╱hardware╱digital-storage hardware╱drives and readers╱] |
| dual-booting (a special instance of multi-booting) | [see ╱boot╱multi-booting] |
| Digital Video Disc | [see ╱Digital Versatile Disc] |
| Digital Versatile Disc | [see ╱digital storage╱media╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱optical╱DVDs] |
| DVD | [see ╱Digital Versatile Disc] |
| eavesdropper, eavesdropping | [see ╱spy╱eavesdropper] |
| Eiffel (Eiffel programming language) | [see ╱programming╱programming languages╱Eiffel] |
| electronic keyboard signals |
| electric field imaging | [see ╱physical properties╱image] |
| electronic mail | [see ╱communication╱electronic mail] |
| electromagnetic radiation |
| email | [see ╱communication╱electronic mail] |
| EM radiation | [see ╱electromagnetic radiation] |
| embedded microcontrollers |
| emoji | [see ╱language╱emoji] |
| emulators (type of software that emulates another software) |
| Wine Is Not an Emulator (Wine) (Windows emulator for Unix-like operating systems) |
| encryption | [covered under ╱cryptography, cryptographic╱] |
| error correction algorithms |
| Essex police | [see ╱police] |
| evil maid attack | [see ╱attack╱different classes of attack] |
| Expensive | [see ╱costs╱expensive] |
| fat clients | [see ╱server-client computing model╱client╱thin/fat clients╱fat clients] |
| FDE (full-disk encryption, full-system encryption) | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption] |
| file (computer file) | [related to ╱digital storage] |
| backing up files | [see ╱backup╱backing up files] |
| digital-signing of files, and the use of such signatures | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱digital signing/signatures╱of files] |
| to detect malware introductions when using reproducible-builds protocol |
| byte-for-byte comparison | [see ╱byte-for-byte comparison for general treatment of byte-for-byte comparison] |
| software tools and utilities | [see ╱software tools, software utilities╱file comparison] |
| file deletion (no particular content at present) |
| recoverable deletion (no particular content at present) |
| data sanitisation | [falls under ╱data destruction╱data sanitisation] |
| file transfer, file transmission, sending files |
| downloads, downloading (no particular content at present) | [falls under ╱downloads, downloading] |
| secure communication of files | [see ╱secure communication╱of files] |
| malware in files (no particular content at present) | [see ╱malware╱malware in files] |
| “based on time taken to forge” broad security principle | [see ╱broad security principles╱time-based broad security principles╱“based on time taken to forge” security principle] |
| financial | [related to ╱costs] |
| bank references (transaction references) |
| bank transactions | [see ╱financial╱financial transactions╱bank transactions] |
| bank systems | [see ╱financial╱financial systems╱bank systems] |
| Bitcoin keys | [see ..╱..╱..╱cryptocurrency keys╱Bitcoin keys] |
| cryptocurrency security | [see ╱standards╱security standards╱cryptocurrency] |
| cryptocurrency systems | [see ╱financial╱financial systems╱cryptocurrency systems] |
| cryptocurrency transactions | [see ╱financial╱financial transactions╱cryptocurrency transactions] |
| public-key cryptography (using public-private key pair, aka asymmetric cryptography) |
| public-key cryptography in general | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| financial constraints, budget | [see ╱costs╱financial constraints╱budget] |
| cryptocurrency systems (no particular information at present) |
| cryptocurrency (such as Bitcoin) transactions |
| cryptocurrency security | [see ╱standards╱security standards╱cryptocurrency] |
| treasure map | [see ╱treasure map] |
| flash memory | [see ╱memory╱flash memory] |
| floppy disk | [see ╱digital storage╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱magnetic╱floppy disk] |
| full-system encryption, full-disk encryption (FDE) | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption] |
| Gas Chromatography Mass Spectrometry machine |
| GC-MS machine | [see ╱Gas Chromatography Mass Spectrometry] |
| GDPR | [see ╱General Data Protection Regulation] |
| General Data Protection Regulation | [see ╱legislation╱GDPR] |
| geographic areas | [see ╱geospatial] |
| geographic areas, geographies |
| see countries mentioned in book |
| geospatial-based broad security principles | [see ╱broad security principles╱geospatial-based broad security principles] |
| Germany | [see ╱countries mentioned in book╱Germany] |
| GitHub | [see ╱systems╱collaborative development╱GitHub] |
| Glacier protocol | [see ╱standards╱security standards] |
| glare | [see ╱optical effects] |
| glasses (looking glasses, spectacles) |
| Google Authenticator (key- and time- based app) | [see ╱apps] |
| GNU’s-Not-Unix! Privacy Guard (GPG) | [see ╱software tools, software utilities╱cryptography╱GPG] |
| GNU Privacy Guard (GPG) | [see ╱software tools, software utilities╱cryptography╱GPG] |
| GPG | [see ╱software tools, software utilities╱cryptography╱GPG] |
| Greek alphabet | [see ╱language╱alphabet╱non-latin alphabet╱Greek alphabet] |
| graphical user interface (GUI) (for computing) |
| gravitational weight | [see ╱physical properties╱weight] |
| GUI | [see ╱graphical user interface] |
| backing up files after discovery of having been hacked | [see ╱backup╱backing up files╱after discovery of having been hacked] |
| stop funding the spies and hackers (broad security principle) | [see ╱broad security principles╱stop funding the spies and hackers] |
| hand-made paper | [see ╱natural hand-made paper] |
| hardware (computer hardware) |
| drives (computer drive) and readers (card readers for computer systems) |
| card readers for SD cards | [see ╱memory | [microchip-based computer memory]╱flash memory╱Secure Digital cards╱readers] |
| writing (aka burning) optical discs |
| writing (aka burning) optical ROM discs (can be DVDs, CDs) | [see ╱digital storage╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱optical╱optical ROM discs╱writing optical ROM discs] |
| hardware-less media (for digital storage) | [see ╱digital storage╱media╱non-microchip-based memory] |
| hardware-based media (for digital storage) | [see ╱digital storage╱media╱non-microchip-based memory] |
| hardware hacking | [see ╱hack╱security hacking╱hardware hacking] |
| hardware considered as either open-source or closed-source |
| open-source hardware | [opposite of ..╱closed-source hardware] |
| Novena open-source computing hardware platform |
| (cf. USB device firmware specifications being more open) |
| closed-source hardware | [opposite of ..╱open-source hardware] |
| (cf. SD card firmware not having open specifications?) |
| open/closed source in general | [see ╱open/closed source] |
| hardware researchers/specialists |
| hard disk drive | [see ╱digital storage╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱magnetic╱hard disk drive] |
| Haven: Keep Watch | [see ╱apps] |
| HDD | [see ╱hard disk drive] |
| Heads (BIOS/UEFI boot firmware system) | [see ╱boot╱bootloader╱first-stage boot loader] |
| hibernate (a computer’s hibernate mode) | [see ╱powering computer systems╱system power states╱hibernate] |
| higher-level programming language | [see ╱programming╱programming languages╱higher-level programming language] |
| high-risk, high-sensitivity |
| historic version of the software | [see ╱old software, old devices] |
| historic software (historic version of the software) | [see ╱historic version of the software] |
| deceptive fake (cf. forgery) (cf. evil maid attack where computer is replaced with deceptive fake) cf. “A counter-argument to using this protocol is that adversaries with supercomputers can easily fake such numbers of coins…..“ |
| Holland | [see ╱countries mentioned in book╱Holland] |
| hologram, holography, holographic |
| holographic data storage | [see ╱digital storage╱non-microchip-based memory╱Random-access Memory╱holographic data storage] |
| home and mobile working | [related to ╱remote working] |
| HTTPS | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱ Hypertext Transfer Protocol Secure╱] |
| Hypertext Transfer Protocol Secure | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱Hypertext Transfer Protocol Secure╱] |
| magnetic image | [see ╱physical properties╱image] |
| magnetic resonance imaging | [see ╱physical properties╱magnetic resonance imaging] |
| visual image | [see ╱physical properties╱image] |
| radio-frequency imaging | [see ╱physical properties╱image] |
| RF imaging | [see ╱physical properties╱image] |
| electric field imaging | [see ╱physical properties╱image] |
| photography | [see ╱photography] |
| T ray | [see ╱physical properties╱image╱t ray] |
| X ray | [see ╱physical properties╱image╱x ray] |
| ultrasound image | [see ╱physical properties╱image╱ultrasound image] |
| ‘Inception’ styled attacks | [see ╱attack╱different classes of attack╱mind-reading psychic attack╱‘Inception’ styled attacks] |
| deep hardware hacking | [see ╱hack╱security hacking╱hardware hacking╱deep hardware hacking] |
| infra-red scanning | [see ╱physical properties] |
| infrared filter | [see ╱physical properties] |
| ink paper marbling | [see ╱paper╱ink paper marbling] |
| input/output (input and output aspect of computing hardware) |
| infra red | [see ╱physical properties╱ infra red] |
| installation software | [see ╱software╱installation software] |
| intellectual property concerning source code and designs |
| open source | [opposite of ..╱closed source] |
| open source in general | [see ╱open/closed source╱open source] |
| closed source | [opposite of ..╱open source] |
| closed source in general | [see ╱open/closed source╱closed source] |
| internal Read-Only Memory (of a computer system) |
| internal ROM | [see ╱internal Read-Only Memory] |
| internet research (cf. internet searching) |
| internet bandwidth, internet quota |
| internet browser | [see ╱web/internet browser] |
| inventions for security | [see ╱security invention] |
| keyboard (computer keyboard) |
| asymmetric cryptography | [aka public-key cryptography] | [see ..╱public-key cryptography╱] |
| backing-up security keys | [covered under ╱backup╱backing-up security keys and passwords] |
| destroying keys | [contrasts and can complement ╱backup╱backing-up security keys and passwords] |
| crypto shredding | [see ╱data destruction╱crypto shredding] |
| “destroy key when attacked” | [see ╱data destruction╱“destroy key when attacked”] |
| frequent changing of encryption keys in FDE | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption╱frequent changing of encryption keys] |
| public-key cryptography (using public-private key pair, aka asymmetric cryptography) |
| PGP (Pretty Good Privacy) public key | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱PGP public key] |
| private key | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱private key] |
| public key | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱public key] |
| Bitcoin keys | [see ╱financial╱currency╱cryptocurrency╱different currencies╱Bitcoin╱Bitcoin keys] |
| tokens for public-key-cryptography keys | [see ╱security tokens╱security tokens for public-key cryptography] |
| physical key | [related to ╱physically lock, physical lock╱physical -key lock] |
| cloned key | [see ╱cloned key] |
| key scrambler (aka keyboard scrambler) |
| Kodak online printing (UK business) | [see ╱business╱online printing businesses] |
| programming language | [see ╱programming╱programming language] |
| lapse(s) in security | [see ╱security lapse] |
| Latin alphabet | [see ╱language╱alphabet] |
| legislation (hardly any content at present) |
| GDPR (General Data Protection Regulation) |
| Linux (OS) | [see ╱operating system╱different operating systems] |
| location (geospatial) | [see ╱geospatial] |
| lock (physical) | [see ╱physical lock] |
| locking, and lock for, computer screen | [see ╱computer screen lock/locking] |
| log-off (no particular content at present?) |
| loud alarm | [see ╱alarm╱loud alarm] |
| low cost | [see ╱costs╱cheap] |
| magnetic fields, magnetism, magnet, magnetic |
| magnetic tape (computer storage, eg. cassette tapes) | [see ╱digital storage╱non-microchip-based memory╱Sequential-access Memory╱tape╱magnetic] |
| magnetic-optical | [see ╱magnetic-optical] |
| magnetic weight | [see ╱physical properties╱weight] |
| magnetic image | [see ╱physical properties╱image] |
| magnetic resonance imaging | [see ╱physical properties╱magnetic resonance imaging] |
| MRI | [see ╱physical properties╱magnetic resonance imaging] |
| tape | [see ╱digital storage╱non-microchip-based memory╱Sequential-access Memory╱tape╱magnetic-optical] |
| discs | [see ╱digital storage╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱magnetic╱magnetic-optical discs] |
| magnetic tape (computer storage, eg. cassette tapes) | [see ╱digital storage╱non-microchip-based memory╱sequential-access Memory╱tape╱magnetic] |
| malware in files (no particular content at present) |
| detecting malware in source code |
| by using reproducible-builds protocol |
| file-comparison aspect | [see ╱file╱file comparison╱to detect malware introductions when using reproducible-builds protocol] |
| manufacturer, producer (intersects with business) (manufacturers and producers named in book) |
| OEM | [see ╱original equipment manufacturer] |
| cf. provider’s authentication server in §“Security by pre-loaded private key” |
| <different manufacturer names> |
| marbling (paper marbling) | [see ╱paper╱paper marbling] |
| Mark Fernandes | [see ╱persons] |
| acetone | [see ..╱glue solvents╱acetone] |
| bubble wrap | [see ..╱unrepeatable-pattern materials╱shape-retentive materials that are very easily deformed╱bubble wrap] |
| cling film | [see ..╱transparent material╱cling film] |
| crumpling plastic material | [see ..╱shape-retentive material that is very easily deformed╱plastic that crumples] |
| foam peanuts | [see ..╱unrepeatable-pattern materials╱polystyrene pieces╱foam peanuts] |
| foil (reflective foil) that is shredded | [see ..╱unrepeatable-pattern materials╱shredded╱shredded reflective foil] |
| glitter nail varnish | [see ..╱unrepeatable-pattern materials╱glitter nail varnish] |
| hand-made paper | [see ..╱paper╱hand-made paper] |
| holographic material that is shredded | [see ..╱unrepeatable-pattern materials╱shredded╱shredded holographic material] |
| imitation diamonds | [see ..╱transparent material╱imitation diamonds] |
| ink-marbled paper | [see ..╱paper╱ink-marbled paper] |
| mylar x-ray film | [see ..╱x-ray film╱mylar x-ray film] |
| newspaper | [see ..╱paper╱newspaper] |
| tea-bag marbled stained paper |
| plastic, transparent pouch/bag material | [see ..╱transparent material╱plastic pouch/bag material] |
| plastic that crumples | [see ..╱unrepeatable-pattern materials╱shape-retentive material that is very easily deformed╱plastic that crumples] |
| polystyrene pieces | [see ..╱unrepeatable-pattern materials╱polystyrene pieces] |
| printer paper | [see ..╱paper╱printer paper] |
| reflective foil that is shredded | [see ..╱unrepeatable-pattern materials╱shredded╱shredded reflective foil] |
| rice grains | [see ..╱unrepeatable-pattern materials╱rice grains] |
| shredded | [see ..╱unrepeatable-pattern materials╱shredded] |
| shell-suit material | [see ..╱unrepeatable-pattern materials╱shape-retentive material that is very easily deformed╱shell-suit material] |
| silk | [see ..╱unrepeatable-pattern materials╱shape-retentive material that is very easily deformed╱silk] |
| super glue | [see ..╱glue╱super glue] |
| tea-bag marbled stained paper | [see ..╱paper╱tea-bag marbled stained paper] |
| tie-dye material | [see ..╱unrepeatable-pattern materials╱materials that might be suitable╱tie-dye material] |
| cling film | [related to ..╱..╱unrepeatable-pattern materials╱shredded╱shredded cling film] |
| imitation diamonds | [related to ..╱..╱unrepeatable-pattern materials╱imitation diamonds] |
| plastic pouch/bag material |
| transparent beads | [related to ..╱..╱unrepeatable-pattern materials╱transparent beads] |
| transparent plastic that is shredded | [related to ..╱..╱unrepeatable-pattern materials╱shredded╱shredded transparent plastic] |
| unrepeatable-pattern materials |
| materials that might be suitable |
| ink-marbled paper | [see ..╱..╱..╱paper╱ink-marbled paper] |
| newspaper | [see ..╱..╱..╱paper╱newspaper] |
| printer paper | [see ..╱..╱..╱paper╱printer paper] |
| tea-bag marbled stained paper | [see ..╱..╱..╱paper╱tea-bag marbled stained paper] |
| tie-dye material | [see ..╱..╱..╱paper╱tie-dye material] |
| shape-retentive materials that are very easily deformed |
| shredded holographic material |
| shredded paper | [see ..╱..╱..╱paper╱shredded paper] |
| shredded transparent plastic |
| Matthew Garrett | [see ╱persons] |
| measurements, readings of physical properties | [see ╱physical properties╱readings╱measuring] |
| memory (microchip-based computer memory) |
| ROM | [see ╱Read-only Memory] |
| RAM | [see ╱Random-access Memory] |
| NOR flash (NOR stands for the not-or logic gate) |
| NAND flash (NAND stands for the not-and logic gate) |
| SD cards | [see ╱Secure Digital cards also in this group] |
| Secure Digital cards (SD cards) |
| smartphone internal SD cards |
| readers for SD cards | [see ╱hardware╱digital-storage hardware╱drives and readers╱card readers for SD cards] |
| SSD | [see ╱solid-state drive] |
| mindset of hackers | [see ╱hack╱security hacking╱mindset of hackers] |
| psychic attack | [see ╱attack╱different classes of attack╱ mind-reading psychic attack] |
| security in spite of amnesia | [see ╱security in spite of amnesia] |
| MFA | [see ╱multi-factor authentication] |
| microwave oven | [see ╱microwave testing] |
| other policies (no content at present) |
| mindset of hackers | [see ╱hack╱security hacking╱mindset of hackers] |
| minimally-above-average security (broad security principle) | [see ╱broad security principles╱minimally-above-average security] |
| multi-factor authentication (MFA) |
| 2-factor authentication (special instance of MFA) |
| Micah Lee (a long-time Qubes advocate) |
| microchip (computer microchip, chip is abbreviation) |
| microchip-based computer memory | [see ╱memory | [microchip-based computer memory]] |
| Micro SD cards | [see ╱Secure Digital cards] |
| mind reading | [see ╱mental╱mind reading] |
| memory stick | [see ╱USB memory stick] |
| Michael A. Caloyannides | [see ╱persons] |
| MITM | [see ╱Man In The Middle] |
| mobile phone | [see ╱phones╱mobile phones] |
| mobile working | [see ╱home and mobile working] |
| monetary amounts | [see ╱financial╱currency╱money╱monetary amounts] |
| Morse code | [see ╱language╱Morse code] |
| motion detector alarms | [see ╱alarms╱motion detector alarms] |
| multi-step security | [see ╱MFA] |
| multi-booting | [see ╱boot╱multi-booting] |
| mylar x-ray film | [see ╱physical properties] |
| naked eye | [related to ╱visible spectrum] |
| National Cyber Security Centre for the UK (NCSC) | [see ╱organisations and businesses╱names of non-business organisations╱National Cyber Security Centre] |
| NCSC | [see ╱organisations and businesses╱names of non-business organisations╱National Cyber Security Centre] |
| Neo public-key-cryptography USB security tokens | [see ╱security tokens╱security tokens for public-key cryptography╱USB tokens╱brands╱Yubikey, Yubico╱Neo] |
| Near Field Communications (NFC) | [see ╱communication╱wireless communication╱types╱NFC] |
| new software, and devices | [see ╱age of software, and devices╱new] |
| Netherlands | [see ╱countries mentioned in book╱Netherlands] |
| network for wireless communication | [see ╱communication╱wireless communication╱network] |
| newspaper | [see ╱paper╱newspaper] |
| NFC | [see ╱communication╱wireless communication╱types╱NFC] |
| Nitrokey brand of USB security tokens | [see ╱security tokens╱security tokens for public-key cryptography╱USB tokens╱brands╱Nitrokey] |
| noise (random noise) | [related to ╱unrepeatable pattern] |
| non-Latin alphabet | [see ╱language╱alphabet] |
| non-verbal symbol | [see ╱language╱non-verbal symbol] |
| NOR flash (flash microchip memory) | [see ╱memory | [microchip-based computer memory]╱flash memory] |
| NAND flash (flash microchip memory) | [see ╱memory | [microchip-based computer memory]╱flash memory] |
| non-invasive measuring methods | [see ╱measuring method types╱non-invasive] |
| non-destructive measuring methods | [see ╱measuring method types╱non-destructive] |
| Novena open-source computing hardware platform | [see ╱hardware╱hardware considered as either open-source or closed-source╱open-source hardware╱Novena open-source computing hardware platform] |
| obtaining software | [see ╱software╱obtaining software╱] |
| original equipment manufacturer (OEM) software | [see ╱software╱OEM software] |
| OEM software | [see ╱software╱OEM software] |
| old software, and devices | [see ╱age of software, and devices╱old] |
| online printing business | [see ╱business╱online printing business] |
| online shop | [see ╱business╱shop╱online shop] |
| considered as a business model | [see ╱business╱business models╱open-source vs. closed-source] |
| open source | [opposite of ..╱closed source] |
| open source source code | [see ╱programming╱source code╱source code considered as either open source or closed source╱open source source code] |
| open source hardware | [see ╱hardware╱hardware considered as either open-source or closed-source╱open-source hardware] |
| open source considered as intellectual property | [see ╱intellectual property╱intellectual property concerning source code and designs╱open source] |
| closed source | [opposite of ..╱open source] |
| closed source source code | [see ╱programming╱source code╱source code considered as either open source or closed source╱closed source source code] |
| closed source hardware | [see ╱hardware╱hardware considered as either open-source or closed-source╱closed-source hardware] |
| closed source considered as intellectual property | [see ╱intellectual property╱intellectual property concerning source code and designs╱closed source] |
| optical disc (such as CDs and DVDs) | [see ╱digital storage╱media╱non-microchip-based memory╱Random-access Memory╱optical╱dis(c|k)-based] |
| optical ROM discs (read-only CDs, read-only DVDs, etc. {ROM=read-only memory}) | [see ╱digital storage╱media╱non-microchip-based memory╱Random-access Memory╱optical╱optical ROM discs] |
| translucency (no content at present). |
| diffraction | [related to interference patterns in ╱hologram, holography..] |
| stereoscopy (no content at present). |
| moving images revealed in holograms by moving hologram. |
| optical tape | [see ╱digital storage╱media╱non-microchip-based memory╱Sequential-access Memory╱tape╱optical] |
| option ROMs (ROM=read-only memory) |
| Oracle Cloud compute instance |
| Oracle Cloud Linux | [see ╱operating system╱different operating systems] |
| Oracle Cloud Linux compute instance |
| organisations and businesses |
| names of non-business organisations |
| Chaos Communication Congress |
| Essex police | [see ..╱governmental╱police╱Essex police] |
| National Cyber Security Centre (NCSC) | [see ..╱governmental╱country-specific╱UK╱National Cyber Security Centre] |
| Qubes OS project (for general info about Qubes OS) | [see ╱Qubes OS] |
| Raspberry Pi Foundation (for general info about Raspberry Pi technology) | [see ╱Raspberry Pi] |
| Wikimedia Foundation (for general info about Wikipedia, which is owner by the foundation) | [see ╱Wikipedia] |
| National Cyber Security Centre (NCSC) |
| Essex police | [see ..╱..╱country-specific╱UK╱Essex police] |
| names of organisations and businesses |
| certification authorities |
| Chaos Communication Congress |
| GitHub | [see ╱systems╱collaborative development╱GitHub] |
| National Cyber Security Centre (NCSC) |
| secret criminal societies |
| operating system (OS) (base platform software for using a computer) |
| different operating systems |
| general info about Raspberry Pi technology | [see ╱Raspberry Pi] |
| Android operating system (for mobile devices) |
| operating-system login account |
| operating costs | [see ╱costs╱operating costs] |
| order, ordering (request for product/service) | [related to ╱purchasing] |
| compared with non-order acquisition of goods (ordering is prone to MITM attacks) |
| ordering many units of same product (broad security principle) |
| ordering goods requiring physical transit to customer |
| security for goods in physical transit | [see ╱physical transit╱security for goods in physical transit] |
| returning orders | [see ╱product return] |
| OS (operating system) | [see ╱operating system] |
| outside the box | [see ╱mental╱thinking outside the box] |
| tea-bag marbled stained paper |
| hand-made paper | [see ╱natural hand-made paper] |
| changing passwords | [covered under ╱changing passwords and keys] |
| password manager (aka password vault) |
| communicating passwords (cf. Appendix) |
| rate limiting in password attempts |
| pattern (graphical pattern) |
| different “ready-to-run” PCs marketed as products |
| Chromebook, Chromebox, Chromebit | [see ╱server-client computing model╱client╱web client computers╱Chromebook, Chromebox, Chromebit] |
| persons (individuals named in book) |
| Andrew "bunnie" Huang (computer hardware researcher and specialist) |
| Mark Fernandes (software developer, original author of this book) |
| Matthew Garrett (technologist, software developer, worked on secure boot protocol) |
| Michael A. Caloyannides (author of “Desktop Witness: The Do's and Don'ts of Personal Computer Security”) |
| Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system) |
| PC | [see ╱personal computer] |
| Cf. Raspberry Pi, cf. peer review in ‘build from source’ section, cf. publishing security methods section (in broad principles section) |
| peripheral (computer peripheral) |
| old mobile phone | [see ╱age of software, and devices╱old╱old mobile phone, mobile device] |
| new mobile phone | [see ╱age of software, and devices╱new╱new mobile phone╱mobile device] |
| internal SD cards in smartphones | [see ╱memory | [microchip-based computer memory]╱flash memory╱SD cards╱smartphone internal SD cards] |
| PGP public key | [see ╱cryptography, cryptographic╱protocols and algorithms╱Pretty Good Privacy cryptography╱PGP public key] |
| PGP cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms╱Pretty Good Privacy cryptography] |
| photography, photograph, photographing |
| visible-spectrum photography |
| security-photo matching software | [see ╱software╱security-photo matching software] |
| physical isolation (cf. §“Based on time passed”) |
| physical key | [see ╱key╱physical key] |
| physically lock, physical lock | [related to ╱safe] |
| physical -key lock | [related to ╱key╱physical key] |
| magnetic resonance imaging |
| RF imaging | [see below, radio-frequency imaging] |
| photography | [see ╱photography] |
| T ray (Terahertz radiation scan analogous to an x ray) |
| DIY ultrasound imaging kit |
| measuring physical properties for authentication | [see ╱authentication╱measuring physical properties for authentication] |
| radio-frequency detection |
| physical shelves | [see ╱business╱shop╱physical shop╱physical shelves] |
| physical shop/store | [see ╱business╱shop╱physical shop] |
| security for goods in physical transit |
| pinhole (pinhole material) |
| plastic bags | [see ╱shape flexibility╱plastic bag] |
| platform (computer platform) |
| polarisation | [see ╱optical effects] |
| Essex police | [see ╱organisations and businesses╱names of non-business organisations╱Essex police] |
| report cyber-crime to the police | [see ╱report, reporting╱report cyber-crime to the police] |
| polarised (polarised optical filter) |
| polystyrene pieces (such as those used for cushioning parcelled items) | [see ╱foam peanuts] |
| porting source code to higher-level programming language | [see ╱programming╱source code╱porting source code to higher-level programming language] |
| power states (system power states) | [see ╱powering computer systems╱system power states] |
| powering computer systems |
| system power states (for computer system) |
| hibernate (s4) (no content at present) |
| soft off/boot, warm boot (s5) (no content at present) |
| powered-off (step in cold booting) (G3) (cf. securing bootloader when in powered-off...)(there are two types of shutdown {G3}: graceful and hard) |
| Pretty Good Privacy (PGP) cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms╱Pretty Good Privacy cryptography] |
| principles of security that are broad | [see ╱broad security principles] |
| 3D printers (3D=three-dimensional, no content at present). |
| printer paper | [see ╱paper╱printer paper] |
| privacy screen filters | [see ╱privacy screens | [filters]] |
| programming, coding, reprogramming | [related to ╱hack╱hacker culture] |
| porting source code to higher-level programming language | [see ..╱..╱source code╱porting source code to higher-level programming language] |
| higher-level programming language |
| porting source code to higher-level programming language | [see ..╱..╱..╱source code╱porting source code to higher-level programming language] |
| cryptography algorithms | [see ╱cryptography, cryptographic╱algorithms] |
| by using collaborative development | [see ╱systems╱collaborative development╱when used for auditing source code changes] |
| detecting malware in source code | [see ╱malware╱detecting malware in source code] |
| porting source code to higher-level programming language |
| building from source | [see ╱building software╱building from source] |
| source code considered as either open source or closed source |
| open source source code | [opposite of ..╱closed source/source code] |
| closed source source code | [opposite of ..╱open source source code] |
| open/closed source in general | [see ╱open/closed source] |
| probability, probabilistic | [related to ╱random] |
| product ordering | [see ╱order, ordering] |
| proof of work | [see ╱financial╱cryptocurrencies╱proof of work] |
| pronunciation | [see ╱language╱pronunciation] |
| pros vs cons (for and against) |
| for cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms] |
| for communication | [see ╱communication╱communication protocols for computing devices] |
| that are also standards | [see ╱standards╱protocols] |
| reproducible-builds protocol | [see ╱building software╱reproducible builds] |
| zero-knowledge authentication protocol |
| psychic | [see ╱mental╱mind reading╱psychic] |
| PS/2 (keyboard interface standard, PS/2 means IBM Personal System/2, IBM stands for International Business Machines and is a technology company) |
| public authentication PGP key | [see ╱key╱digital key╱public-key cryptography╱PGP public key] |
| private key | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱private key] |
| “private-public key pair” encryption | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| public key | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱public key] |
| public-key cryptography (aka asymmetric cryptography) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| “public-private key pair” encryption | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| publishing security methods (broad security principle) | [see ╱broad security principles╱publishing security methods] |
| purchase, purchasing | [related to ╱ordering] |
| costs of purchases | [see ╱costs] |
| purchasing software | [intersects with ╱software╱obtaining software╱] |
| refunds for purchases | [see ╱financial╱refund] |
| returning purchased products | [see ╱product return] |
| shop from which purchases can be made | [see ╱business╱shop] |
| QC parameters | [see ╱quality-control parameters] |
| quality-control parameters |
| quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit) | [see ╱testing] |
| Qubes OS / Qubes | [see ╱operating system╱different operating systems] |
| entity behind Qubes OS | [see ╱organisations and businesses╱names of non-business organisations╱Qubes OS project] |
| radio-frequency imaging (RF imaging) | [see ╱physical properties] |
| radio-frequency detection (RF detection) | [see ╱physical properties] |
| radio-frequency fields | [see ╱RF fields] [see ╱physical properties] |
| random | [related to ╱probability] |
| Random Access Memory (RAM) |
| user randomly selecting unit from off physical shelves (broad security principle) | [see ╱business╱shop╱physical shop╱physical shelves] |
| RAM | [contrasts with ╱SAM] | [see ╱random╱Random Access Memory] |
| Raspberry Pi OS | [see ╱operating system╱different operating systems] |
| creator (of Raspberry Pi products) | [see ╱organisations and businesses╱names of non-business organisations╱Raspberry Pi Foundation] |
| readers (card readers for computer systems) | [covered under ╱hardware╱digital-storage hardware╱drives and readers╱] |
| microchip-based computer memory | [see ╱digital storage╱media, microchip-based computer memory╱ROM] |
| optical ROM discs (eg. read-only CDs, read-only DVDs) | [see ╱digital storage╱media╱non-microchip-based memory╱Random-access Memory╱dis(c|k)-based╱optical] |
| recycle, recycled, recycling |
| recycled paper | [see ╱paper╱recycled paper] |
| refund | [see ╱financial╱refund] |
| reflectivity | [see ╱optical effects] |
| refractivity | [see ╱optical effects] |
| regulation (a type of legislation) | [see ╱legislation] |
| restricted viewing enclosure | [see ╱view restriction╱cardboard “restricted viewing enclosure”] |
| remote control (remotely controlling computer) |
| remote working | [related to ..╱home and mobile working] |
| replay attack | [see ╱attack╱different classes of attack] |
| report cyber-crime to the police (broad security principle) |
| reproducible builds | [see ╱building software╱reproducible builds] |
| response and recovery (cf. §“What to do when you discover your computer has been hacked) |
| return (product return) | [see ╱product return] |
| RF (radio frequency) | [see ╱radio frequency] |
| rolling dice | [see ╱random╱generating randomness╱rolling dice] |
| ROM | [see ╱Read-only Memory] |
| router | [see ╱hardware╱router] |
| safe (physical safe) | [related to ╱physically lock, physical lock] |
| SAM | [contrasts with ╱RAM] | [see ╱Sequential Access Memory] |
| sandboxing | [related to ╱cloud computing] |
| screensaver lock | [covered under ╱computer screen lock/locking] |
| screen lock | [covered under ╱computer screen lock/locking] |
| computer screws | [see ╱computer screws] |
| scorched earth | [see ╱military╱military policy╱scorched earth] |
| SD card | [see ╱Secure Digital card] |
| Secure Digital card (SD card) | [see ╱memory╱flash memory╱SD card] |
| second hand (used goods, services, etc.) (not brand new) |
| second hand shop | [see ╱business╱shop╱second-hand shop] |
| secure communication | [see ╱communication╱secure communication] |
| security in spite of amnesia (cf. security reminders) |
| security by pre-loaded private key | [see ╱systems╱design╱security by pre-loaded private key] |
| security via mass adoption |
| secret criminal society | [see ╱secret society╱secret criminal society] |
| security in cyber secure systems and their design | [see ╱design╱design of cyber secure systems] |
| security alarm | [see ╱alarm╱security alarm] |
| security certificate for public-key cryptography (aka asymmetric cryptography) |
| security certificate for public-key cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱security certificates] |
| security certificate for Transport Layer Security (TLS) (digital security certificate) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱Transport Layer Security╱TLS security certificates] |
| security community, security researchers |
| security derived from source-code auditing |
| preventing lapses in security | [see ╱broad principles╱preventing lapses in security] |
| security level (complements ‘threat model’ concept) |
| think in terms of gradual movement along a security-level continuum (broad security principle) |
| [see ╱broad security principles╱think in terms of gradual movement along a security-level continuum] |
| security location for resting | [see ╱‘at rest’ security location] |
| security method publishing (broad security principle) | [see ╱broad security principles╱publishing security methods] |
| security-photo matching software | [see ╱software╱security-photo matching software] |
| security principles that are broad | [see ╱broad security principles] |
| security products and services (cf. §“National Cyber Security Centre”) |
| GPG | [see ╱software tools, software utilities╱cryptography╱GPG] |
| Google Authenticator (key- and time- based app) |
| combination lock briefcase |
| security rating | [related to ╱security level] | [see ╱standards╱security standards╱security rating] |
| security reminder (cf. Preventing lapses in security) (can sometimes overcome amnesia) |
| security standards | [see ╱standards╱security standards] |
| relying on high production cost of certain security tokens (broad security principle) | [see ╱broad security principles╱relying on high production cost of certain security tokens] |
| security tokens for public-key cryptography |
| general information on public-key cryptography | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography] |
| security whilst asleep | [see ╱sleeping, and security when asleep] |
| security zone | [related to ╱broad security principles╱geospatial-based broad security principles] |
| Sequential Access Memory (SAM) |
| server | [see ╱server-client computing model╱server] |
| server-client computing model |
| client (client computer/software) |
| thin clients (similar to web client computers) |
| web client computers (similar to thin clients) |
| Chromebook, Chromebox, Chromebit |
| server (computer/software server) |
| Shamir's Secret Sharing | [see ╱backup╱backing-up security keys and passwords╱Shamir's Secret Sharing] |
| shape retention ‘at rest’ | [see ╱‘at rest’ shape retention] |
| shape flexibility (cf. §“Perhaps the simplest and best idea”) |
| (in relation to shell-suit material, silk scarves, bubble wrap, and plastic bags) |
| (in relation to bag/pouch) |
| shell-suit | [see ╱shape flexibility╱shell-suit] |
| physical shelves | [see ╱business╱shop╱physical shop╱physical shelves] |
| shop | [see ╱business╱shop] |
| shreds, shredding, shredder |
| shutdown (computer shutdown, there are two types: graceful and hard) | [see ╱powering computer systems╱system power states╱sleep mode] |
| signing/signature (digital signatures in cryptography) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱digital signing╱signatures] |
| silk scarf/scarves | [see ╱shape flexibility╱silk scarves] |
| single-key password mechanism |
| sleep (a computer’s sleep mode) | [see ╱powering computer systems╱system power states╱sleep mode] |
| sleeping, and security when asleep |
| small business | [see ╱business╱small business] |
| smartphone | [see ╱phones╱mobile phones╱smartphones] |
| software (cf. listed, advertised, and supported security products and services on NCSC website) |
| security-photo matching software |
| best practice | [see ╱best practice╱for obtaining software] |
| obtained when distributed as pre-installed OEM software |
| from software repositories such as GitHub’s repositories |
| preinstalled, and as method for obtaining software | [see ..╱..╱obtaining software╱obtained when distributed as pre-installed OEM software] |
| different classes of software |
| antivirus software | [see ╱antivirus software] |
| bootloader | [see ╱boot╱bootloader] |
| cryptography-related | [see ╱cryptography, cryptographic╱software] |
| emulators | [see ╱emulators] |
| internet browser | [synonym for ..╱web browser] |
| operating system | [see ╱operating system] |
| tools, utilities | [see ╱software tools, software utilities] |
| web/internet browser | [see ╱web/internet browser] |
| names of different software mentioned |
| Android | [see ╱operating system╱different operating systems] |
| ChromeOS | [see ╱operating system╱different operating systems] |
| diff | [see ╱software tools, software utilities╱file comparison] |
| diffoscope | [see ╱software tools, software utilities╱file comparison] |
| Haven: Keep Watch | [see ╱apps] |
| Heads | [see ╱boot╱bootloader╱first-stage boot loader] |
| Chrome internet browser | [see ╱web/internet browser] |
| Coreboot | [see ╱boot╱bootloader╱first-stage boot loader] |
| Google Authenticator (key- and time- based app) | [see ╱apps] |
| GPG | [see ╱software tools, software utilities╱cryptography╱GPG] |
| Linux | [see ╱operating system╱different operating systems] |
| Oracle Cloud Linux | [see ╱operating system╱different operating systems] |
| Qubes OS | [see ╱operating system╱different operating systems] |
| Raspberry Pi OS | [see ╱operating system╱different operating systems] |
| Windows | [see ╱operating system╱different operating systems] |
| software developer, software development |
| cf. §”8 Principles of Secure Development & Deployment” |
| sole trader | [see ╱businesses╱sole trader] |
| solvent (glue solvent) | [see ╱glue╱glue solvents] |
| source (source code) | [see ╱programming╱source code] |
| ‘spot the difference’ (game) |
| spy, spying, spies, espionage |
| stop funding the spies and hackers (broad security principle) | [see ╱broad security principles╱stop funding the spies and hackers] |
| steganographic (steganography) |
| stereoscopy | [see ╱optical effects] |
| storage media (digital storage media) | [see ╱digital storage╱media╱] |
| submerging in water | [see ╱water╱submerging in water] |
| software tools, software utilities (class of software) |
| GPG (GNU’s-Not-Unix! Privacy Guard) |
| SSD | [see ╱solid-state drive] |
| protocols (there are also protocols that aren’t standards) | [see ‘╱protocol’ for such other protocols] |
| for communication between computing devices | [see ╱communication╱communication protocols for computing devices╱protocols that are also standards╱] |
| Transport Layer Security (TLS) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱Transport Layer Security] |
| cf. protocols in §”Cryptocurrency-like mining to increase trust” |
| collaborative development |
| when used for auditing source code changes |
| design of cyber secure systems |
| Too much of the book content is relevant here, for an exhaustive listing. |
| design to destroy private key when tampering is detected |
| security by pre-loaded private key |
| bare bones | [roughly opposite of..╱ ‘bells and whistles’] |
| ‘bells and whistles’ | [roughly opposite of ..╱bare bones] |
| full-system encryption | [see ╱cryptography, cryptographic╱full-system encryption, full-disk encryption] |
| system power states | [see ╱powering computer systems╱system power states] |
| hardware tampering (cf. “USB devices vs. SD cards”) |
| tamper evident, tamper evidence |
| tampering attack | [computer security attack, see ╱attack╱different classes of attack] |
| tape (for computer storage) | [see ╱digital storage╱Sequential-access Memory╱tape] |
| tea-bag marbled stained paper | [see ╱paper╱tea-bag marbled stained paper] |
| terminal for X Window System (display/input terminal) | [see ╱server-client computing model╱client╱thin/fat clients╱thin clients╱X terminal] |
| Tesco online printing (UK business) | [see ╱business╱online printing businesses] |
| testing (testing for security authentication) |
| quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit) |
| tethering (wired tethering) | [see ╱wired tethering] |
| text (text-message) | [related to ╱language] | [see ╱communication╱text-message] |
| thin/fat clients | [see ╱server-client computing model╱client╱thin/fat clients] |
| thinking outside the box | [see ╱mental╱thinking outside the box] |
| Thirty-third Chaos Communication Congress (33c3) | [see ╱33rd Chaos Communication Congress] |
| threat model (term complements ‘security level’ term) |
| time-based broad security principles (broad security principles) | [see ╱broad security principles╱time-based broad security principles] |
| time window | [see ╱window of time] |
| Transport Layer Security (TLS) (digital-cryptography based) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱Transport Layer Security] | [related to ╱communication╱communication protocols for computing devices╱protocols that are also standards╱Hypertext Transfer Protocol Secure] |
| TLS (Transport Layer Security) | [see ╱cryptography, cryptographic╱protocols and algorithms╱public-key cryptography╱Transport Layer Security] |
| tokens for public-key cryptography | [see ╱security tokens╱security tokens for public-key cryptography] |
| tools (software tools) | [see ╱software tools, software utilities] |
| transparency | [see ╱optical effects] |
| translucency | [see ╱optical effects] |
| Trusted Platform Module (TPM) |
| tossing coin | [see ╱random╱generating randomness╱coin tossing] |
| TPM | [see ╱Trusted Platform Module] |
| Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system) |
| physical transit | [see ╱physical transit] |
| trustable hardware | [see ╱hardware╱trustable hardware] |
| T rays | [see ╱physical properties╱images╱t rays] |
| two-step security | [see ╱2FA] |
| two-factor authentication | [see ╱2FA] |
| Unified Extensible Firmware Interface (UEFI) | [see ╱boot╱bootloader╱first-stage boot loader] |
| UEFI | [see ╱Unified Extensible Firmware Interface] |
| unicode | [see ╱language╱unicode] |
| Universal Serial Bus (USB, standard for computer peripheral communications) |
| USB keyboard (computer keyboard) |
| USB public-key-cryptography security token | [see ╱security tokens╱security tokens for public-key cryptography╱USB tokens] |
| USB | [see ╱Universal Serial Bus] |
| ultrasound | [see ╱physical properties] |
| United Kingdom | [see ╱countries mentioned in book╱United Kingdom] |
| United States of America | [see ╱countries mentioned in book╱United States of America] |
| utilities (software utilities) | [see ╱software tools╱software utilities] |
| antivirus software | [see ╱antivirus software] |
| <there is so much information relevant here, that it may not be possible to list all of it here.> |
| visual display unit (computer screen) |
| VDU | [see ╱visual display unit] |
| VDU signal interception attack | [see ╱attack╱different classes of attack] |
| viewing angle | [see ╱view restriction╱viewing angle] |
| cardboard “restricted viewing enclosure” |
| visual cognitive power | [see ╱mental╱cognitive power╱visual cognitive power] |
| visual noise | [see ╱noise╱visual noise] |
| visible spectrum (of light) |
| visual occlusion | [see ╱occlusion] (cf. occlude) |
| volume (space in 3D) | [see ╱physical properties] |
| weak currency | [see ╱financial╱currency╱weak currency] |
| web client computers | [see ╱server-client computing model╱client╱web client computers] |
| websites referenced in book |
| weight | [see ╱physical properties] |
| weighing scales | [see ╱physical properties] |
| white-on-white text | [see ╱steganography╱white-on-white text] |
| Wikimedia Foundation | [see ╱Wikipedia╱owner of Wikipedia╱Wikimedia Foundation] |
| Wikimedia Foundation | [see ╱organisations and businesses╱names of non-business organisations╱Wikimedia Foundation] |
| WiFi | [see ╱communication╱wireless communication╱types╱WiFi] |
| attack window | [see ╱attack╱attack window] |
| using most secure window of time (broad security principle) | [see ╱broad security principles╱time-based broad security principles╱using most secure window of time] |
| Windows (OS) | [see ╱operating system╱different operating systems] |
| Wine Is Not an Emulator (Windows emulator for Unix-like operating systems) | [see ╱emulator] |
| Wine | [see ╱Wine Is Not an Emulator] |
| wireless communication | [see ╱communication╱wireless communication] |
| word symbol | [see ╱language╱word symbol] |
| writing optical discs | [see ╱hardware╱drives and readers╱optical disc drive╱optical disc writers╱writing optical discs] |
| "write once" optical media |
| X terminal (display/input terminal for X Window System client applications) | [see ╱server-client computing model╱client╱thin/fat clients╱thin clients╱X terminal] |
| X ray | [see ╱physical properties╱image╱X ray] |
| Yubico and Yubikey brands of USB security tokens | [see ╱security tokens╱security tokens for public-key cryptography╱USB tokens╱brands╱Yubikey, Yubico] |
| zero-knowledge authentication protocol | [see ╱protocol] |
This book was first produced in response to a computer hacking incident encountered during 2020 by the author of the first version of this book, in the course of his being a self-employed software developer. He had already adopted some security measures but then felt he really needed an overhaul of the security measures and systems he had in place.
This book is aimed specifically at individuals, sole traders, and small businesses, bearing in mind that they may have shoestring budgets.
It was the author’s belief that end-user security was a real issue of concern because the mindsets of security specialists seemed to be often attuned to examining and proposing solutions within rigid frameworks: such as for example only looking at software security risks but completely ignoring physical aspects of everyday nuts-and-bolts security. A certain element of being able to think ‘outside the box’, and outside one’s own specialised domain, is needed. As such, security is really a multidisciplinary field, requiring the creativity of people from all walks of life.
There is special concern for the highlighted entities (individuals, sole traders, and small businesses), because of their being prone to attack due to budget constraints, and a lack of other important resources.
The author of the first version of the book places his contributions into the public domain (the author’s Google Drive version hosted here [minus the Google Docs comments] will always be in the public domain). He feels that end-user security is so important, that intellectual property obstacles should be removed as much as possible, so as to enable everyday users to be able to undertake computing activities safely. This is especially of concern at the time of writing during the 2020 COVID-19 worldwide outbreak. During this outbreak, individuals are being called upon in great numbers to remote work and also to socialise and conduct recreational activities using computing devices.
The increasing consumer use of cryptocurrencies is another reason why a work like this is important.
The author only asks in return that you, if possible, do the following:
- Amend this work to fix mistakes.
- Add comments indicating your level of agreement or disagreement with different parts that you read/review.
- Improve it in other ways.
Please note that because using your contributions might require that you grant copyright permission for such, it is mostly preferred that you make your contributions to the Wikibooks version of this book[1].
Footnotes
- ↑ If you are only pointing out mistakes, or giving quantitative measurements of your agreement/disagreement with parts of this book, copyright permission probably won’t be required.
