A piece of software that modifies another software application, changing how it works or what it can do. Often add-ons can add privacy or security features to web browsers or email software. Some add-ons are malware, so be careful to install only those that are reputable and from official sources.
Your adversary is the person or organization attempting to undermine your security goals. Adversaries can be different, depending on the situation. For instance, you may worry about criminals spying on the network at a cafe, or your classmates at a school. Often the adversary is hypothetical.
A computer or network that is physically isolated from all other networks, including the Internet, is said to be air-gapped.
Software that attempts to protect a device from being taken over by malicious software (or “malware"). Viruses were some of the first and most prevalent forms of malware; they were named viruses to reflect the way they would spread from device to device. These days most antivirus software concentrate on warning you if you look to be downloading a suspicious file from an external source, and examining files on your computer to see if they match the software's idea of what malware looks like.
Anti-virus software can only recognize malware if it is substantially similar to samples that the anti-virus developer has already analyzed. This makes it far less effective at combating targeted malware designed to infiltrate a particular community or person, rather than more widespread strains of malware. Some advanced malware can also actively attack or conceal itself from antivirus software.
In threat modeling, any piece of data or a device that needs to be protected.
In computer security, an attack is a method that can be used to compromise security, or its actual use. An attacker is the person or organization using an attack. An attack method is sometimes called an "exploit."
The various properties of your web browser or computer that a web site can notice when you visit. They may be slightly different from other browsers or computers, which can be a way to recognize you even if you didn't log in, even if your computer doesn't save cookies, and even if you connect to the Internet from a different network in the future. For example, you might be the only person who uses a particular site from a device set to a particular language, with a particular screen size, and using a particular web browser version; then the site could realize that it's you whenever you visit, even if you don't do anything to reveal your identity.
A phone that is not connected to your identity, is only used for a small set of calls or activities, and can be discarded if and when it is suspected of being tracked or compromised. Burner phones are often pre-paid mobile phones bought with cash.
The capability of an attacker (in the sense we use it in this guide) is what it is able to do to achieve its aims. For example, a country's security services might have the capability to listen to telephone calls while a neighbor may have the capability to watch you from their window. To say that an attacker “has" a capability does not mean that they will necessarily use that capability. It does mean that you should consider and prepare for the possibility.
A command and control server (C&C or C2) is a computer that gives orders to malware-infected devices and receives information from those devices. Some servers control millions of devices.
The "command line" is an ancient way of giving a computer a series of small, self-contained orders (think of those science fiction movies where teenage geniuses type long strings of green text onto black screens). To use a command line tool, the user types a command into a window called a terminal emulator, hits the return or enter key, and then receives a textual response in the same window. Windows, Linux and Apple desktop computers still let you run software using this interface, and even some mobile phones can do the same with the right app. The command line can be used to run software pre-packaged with your operating system. Some downloadable programs, especially technical utilities, use the command line instead of a more familiar "icons and buttons" user interface. The command line needn't be scary, but it does require you to type in exactly the right set of letters and numbers to get the correct result, and it's often unclear what to do if the responses don't match your expectations.
A commercial Virtual Private Network is a private service that offers to securely relay your Internet communications via their own network. The advantage of this is that all of the data you send and receive is hidden from local networks, so it is safer from nearby criminals, or untrusted local ISPs or cybercafes. A VPN may be hosted in a foreign country, which is useful both for protecting communications from a local government, and bypassing national censorship. The down side is that most of the traffic is decrypted at the commercial VPN's end. That means you need to trust the commercial VPN (and the country where it is located) not to snoop on your traffic.
Cookies are a web technology that let websites recognize your browser. Cookies were originally designed to allow sites to offer online shopping carts, save preferences or keep you logged on to a site. They also enable tracking and profiling so sites can recognize you and learn more about where you go, which devices you use, and what you are interested in – even if you don't have an account with that site, or aren't logged in.
Companies and other large institutions will usually have some services (email, web, and access to files and printers for instance) that are accessible from within their own local network, but not from outside on the wider Internet. Most companies take this as being sufficient security to protect their internal documents, but this means that any attack that can connect to the intranet can access or interfere with all the information being kept locally. An example of such an attack is tricking an employee to install malware on their laptop.
To allow employees to access the intranet via the wider Internet, companies will often provide their own Virtual Private Network (VPN) which creates a secure connection to the inside of the intranet from anywhere in the world.
The art of designing secret codes or ciphers that let you send and receive messages to a recipient without others being able to understand the message.
Make a secret message or data intelligible. The idea behind encryption is to make messages that can only be decrypted by the person or people who are meant to receive them.
The use of a mathematical technique to confirm the origin of information, and to confirm that it wasn't changed since it was written. Digital signatures may be used with software downloads to make sure that the software you're installing is the same as the official published version, and that nobody has tampered with it. They're also often used on encrypted email and for many other purposes. When information isn't protected by a digital signature, an Internet service provider or other communications provider could change the contents of what someone wrote or published, and there wouldn't be a technical means to detect that this happened.
A method for taking a website or other Internet service offline, by co-ordinating many different computers to request or send data to it simultaneously. Usually the computers used to conduct such an attack are remotely controlled by criminals, who have taken over the machines by breaking into them, or infecting them with malware.
The address, in words, of a website or Internet service; for example: ssd.eff.org
To apply encryption technology to any sort of information or communication. This transforms the information or communication mathematically so that it seems meaningless, but can still be restored to its original form by a person or device that possesses the right secret key. This limits who can access the information because without the right secret key, it should be impossible to reverse the encryption and recover the original information. Encryption is one of several technologies that make up the field called cryptography.
A process that takes a message and makes it unreadable except to a person who knows how to "decrypt" it back into a readable form.
An encryption key is a piece of information that is used to convert a message into an unreadable form. In some cases, you need the same encryption key to decode the message. In others, the encryption key and decryption key are different.
End-to-end encryption ensures that a message is turned into a secret message by its original sender, and decoded only by its final recipient. Other forms of encryption may depend on encryption performed by third-parties. That means that those parties have to be trusted with the original text. End-to-end encryption is generally regarded as safer, because it reduces the number of parties who might be able to interfere or break the encryption.
A sequence or letters or numbers that represent the contents of a file. Changing the file even a tiny bit will completely change its fingerprint. Checking the fingerprint of a file that you've downloaded, such as a software application or extension, helps to make sure that you got the same file that other people have, and that nobody has tampered with it while it was being downloaded.
Where data is stored, usually locally, on your computer or other device. File systems are usually where personal documents and notes are stored for easy access.
An old method for copying files from a local computer to a remote one, or vice versa. The job of FTP programs (and the FTP servers that stored the files) have mostly been replaced by web browsers and web servers, or file synchronising programs like Dropbox.
The keys of public key cryptography are very large numbers, sometimes a thousand or more digits long. A fingerprint is a much smaller number or set of numbers and letters that can be used as a unique name for that key, without having to list all of the key's digits. So, for instance, if you and a friend wished to make sure you both had the same key, you could either spend a long time reading off all the hundreds of digits in the key, or you could each calculate your key's fingerprint and compare those instead. The fingerprints presented by cryptographic software usually consist of around 40 letters and numbers. If you carefully check that a fingerprint has the right value, you should be safe against impersonation using a fake key. Some software tools may offer more convenient alternative ways to verify a friend's key, but some form of verification needs to happen to prevent communications providers from easily being able to listen in.
A tool that protects a computer from unwanted connections to or from local networks and the Internet. A firewall might have rules that forbid outgoing email, or connections to certain websites. Firewalls can be used as a first line of defense to protect a device from unexpected interference. Or they can be used to prevent users from using the Internet in certain ways.
A property of a secure messaging system which ensures that your past communications can remain secure even if one of the private keys is stolen later. For HTTPS websites, forward secrecy is an important protection against adversaries like intelligence agencies which may record large amounts of traffic and use a stolen key to decrypt it. For instant messaging and chat systems, forward secrecy is necessary to ensure that deleted messages are really deleted, but you will also need to either disable logging or securely delete past messages.
If you're planning on securing data on your local device, you could choose to just encrypt a few key files, or you could encrypt everything on the computer. “Full disk encryption” is the term for encrypting everything. It's usually safer (and often easier) to use full disk encryption than to manage just a few individually encrypted files. If you try to encrypt just individual files, your computer might make temporary unencrypted copies of those files without you noticing. And some software might keep some unencrypted records about your use of your computer. Apple's OS X, Linux and high-end versions of Windows all have built-in full disk encryption, but it is usually not turned on by default.
If you've ever seen a web address spelled out as “http://www.example.com/”, you'll recognize the “http” bit of this term. HTTP (hypertext transfer protocol) is the way a web browser on your machine talks to a remote web server. Unfortunately, standard http sends text insecurely across the Internet. HTTPS (the S stands for “secure”) uses encryption to better protect the data you send to websites, and the information they return to you, from prying eyes.
IMAP is the way that many email programs communicate with services that send, receive and store your email. By changing the IMAP settings on your email program, you can choose to load email from different servers or set the level of security and encryption used to transfer the mail across the Internet to you.
Clues that show that your device may have been broken into or tampered with.
Filtering is the politer term for blocking or censoring Internet traffic.
A device on the Internet needs its own address to receive data, just like a home or business needs a street address to receive physical mail. This address is its IP (Internet Protocol) address. When you connect to a web site or other server online, you usually reveal your own IP address. This doesn't necessarily reveal either your identity (it's hard to map an IP address to a real address or a particular computer). An IP address can give away some information about you, however, such as your rough location or the name of your Internet Service Provider. Services like Tor let you hide your IP address, which helps give you anonymity online.
In cryptography, a piece of data which gives you the capability to encrypt or decrypt a message.
A sequence of letters or numbers that represent a public key. Some privacy tools let you check the match between someone's key fingerprint as seen by your device and by their device. The purpose of this check is to prevent a man-in-the-middle attack, where someone tricks you into using the wrong key.
A malicious program or device that records everything you type into a device, including passwords and other personal details, allowing others to secretly collect that information. (The "key" in keylogger refers to the keys you have on your keyboard.) Keyloggers are often malware that users have been tricked into downloading and running, or occasionally physical hardware secretly plugged into a keyboard or device.
To receive encrypted messages using public key cryptography (and to reliably inform others that a message genuinely came from you), you need to create two keys. One, the private key, you keep secret. The other, the public key, you can let anyone see. The two keys are connected mathematically, and are often collectively known as a "keypair."
If you use public key cryptography, you'll need to keep track of many keys: your secret, private key, your public key, and the public keys of everyone you communicate with. The collection of these keys is often referred to as your keyring.
When you're using public key encryption, it's important to be sure that the key you use to encrypt a message really belongs to the recipient (see key verification). PGP makes this a little easier by having a way to tell others "I believe this key belongs to this person -- and if you trust me, you should believe that too." Telling the world that you trust someone's key is called "signing their key": it means anyone who uses that key can see you vouched for it. To encourage everyone to check and sign each others keys, PGP users organize key-signing parties. They're almost, but not quite, as exciting as they sound.
Analogy: It's like a networking party, where you introduce your friends to other friends.
In public key cryptography, each person has a set of keys. To send a message securely to a particular person, you encrypt your message using their public key. An attacker may be able to trick you into using their key, which means that they will be able to read your message, instead of the intended recipient. That means that you have to verify that a key is being used by a particular person. Key verification is any way that lets you match a key to a person.
Malware is short for malicious software: programs that are designed to conduct unwanted actions on your device. Computer viruses are malware. So are programs that steal passwords, secretly record you, or delete your data.
Suppose you believe you were speaking to your friend, Bahram, via encrypted instant messenger. To check it's really him, you ask him to tell you the city where you first met. "Istanbul" comes the reply. That's correct! Unfortunately, without you or Bahram knowing, someone else online has been intercepting all your communications. When you first connected to Bahram, you actually connected to this person, and she, in turn, connected to Bahram. When you think you are asking Bahram a question, she receives your message, relays the question to Bahram, receives his answer back , and then sends it to you. Even though you think you are communicating securely with Bahram, you are, in fact, only communicating securely with the spy, who is also communicating securely to Bahram! This is the man-in-the-middle attack. Men-in-the-middle can spy on communications or even insert false or misleading messages into your communications. Security-focused internet communications software needs to defend against the man-in-the-middle attack to be safe against attackers who have control of any part of the Internet between two communicators.
A password used to unlock a store of other passwords or other ways to unlock programs or messages. You should make a master password as strong as you can.
Metadata (or "data about data") is everything about a piece of information, apart from the information itself. So the content of a message is not metadata, but who sent it, when, where from, and to whom, are all examples of metadata. Legal systems often protect content more than metadata: for instance, in the United States, law enforcement needs a warrant to listen to a person's telephone calls, but claims the right to obtain the list of who you have called far more easily. However, metadata can often reveal a great deal, and will often need to be protected as carefully as the data it describes.
Instant messaging systems are often unencrypted. OTR is a way of adding encryption to them, so that you can keep using familiar networks like Facebook chat or Google Chat or Hangouts but with your messages more resistant to surveillance.
Passwords are usually semi-permanent: once you set them up, you can keep using them until you manually change or reset them. One-time passwords only work once. Some one-time password systems work by having a tool or program that can create many different one-time passwords, that you use in turn. This is useful if you're afraid that there may be a key-logger on a system where you have to type in a password.
Open source software, or free software, is software that can be distributed freely in a form that lets others modify it and rebuild it from scratch. While it is known as “free software," it's not necessarily free as in zero-cost: FLOSS programmers can ask for donations, or charge for support or for copies. Linux is an example of a free, open source program, as are Firefox and Tor.
A program that runs all the other programs on a computer. Windows, Android and Apple's OS X and iOS are all examples of operating systems.
"Out-of-band" means any way of communicating outside of the current method. Verifying the identity of the person you're talking to over an insecure communication system often requires communicating out-of-band via another method that is less vulnerable to the same kind of attack. So, for instance, you might check that you are using someone's correct public key by talking to them in person, before using it to encrypt your email.
A passive adversary is one that can listen to your communications, but cannot directly tamper with them.
A passphrase is a kind of password. We use "passphrase" to convey the idea that a password which is a single word is far too short to protect you and a longer phrase is much better. The webcomic XKCD has a good explanation. http://xkcd.com/936/
A secret meant to be memorized, and meant to limit access to something so that only someone who knows the password can gain access. It might limit access to an online account, a device, or something else. A long password based on multiple words may also be called a "passphrase" to remind us that it's not just one "word." A main password to unlock other passwords in a password manager or password safe application is often called a "master password.”
A tool that can encrypt and store your passwords using a single master password making it practical to use many different passwords on different sites and services without having to memorize them.
PGP or Pretty Good Privacy was one of the first popular implementations of public key cryptography. Phil Zimmermann, its creator, wrote the program in 1991 to help activists and others protect their communications. He was formally investigated by the US government when the program spread outside the United States. At the time, exporting tools that included strong public key encryption was a violation of US law.
PGP continues to exist as a commercial software product. A free implementation of the same underlying standard that PGP uses called GnuPG (or GPG) is also available. Because both use the same interchangeable approach, people will refer to using a “PGP key” or sending a “PGP message”, even if they are using GnuPG.
A communications protocol is a way of sending data between programs or computers. Software programs that use the same protocol can talk to each other: so web browsers and web servers speak the same protocol, called "http". Some protocols use encryption to protect their contents. The secure version of the http protocol is called "https". Another example of an encrypted protocol used by many different programs is OTR (Off-the-Record), a protocol for secure instant messaging.
A name that you choose to use in some context (like an online forum) and that others may come to recognize, but that isn’t connected to names that people know you by in your day-to-day life.
Traditional encryption systems use the same secret, or key, to encrypt and decrypt a message. So if I encrypted a file with the password "bluetonicmonster", you would need both the file and the secret "bluetonicmonster" to decode it. Public key encryption uses two keys: one to encrypt, and another to decrypt. This has all kinds of useful consequences. For one, it means that you can hand out the key to encrypt messages to you, and as long as you keep the other key secret, anyone with that key can talk to you securely. The key you hand out widely is known as the "public key": hence the name of the technique. Public key encryption is used to encrypt email and files by Pretty Good Privacy (PGP), OTR for instant messaging, and SSL/TLS for web browsing.
If you plan to send a secure message to someone who uses public key cryptography like PGP, you need to know what key to use to encrypt your message. Public key servers act as a phonebook for such keys, allowing software to use an email address, name, or key fingerprint to search for a full key and download it. There are many PGP public key servers, but they usually share their key collections with each other. Keyservers can't verify whether the keys they publish are genuine or forgeries. Anyone can upload a key to a public key server—in anyone's name. That means that a key connected to a person's name or email on a keyserver might not be their real key. In order to check the authenticity of a key, you need to check its signatures, or confirm its fingerprint with the original user in a trustworthy way.
PGP allows you to sign other people's keys, which is a way of using your own key to assert that a certain key is the right one to use to contact another person. This is meant to provide a way of distinguishing between genuine and fake keys; if people sign the right keys for people they know and communicate with, others can use those signatures to confirm that the genuine keys are genuine. When you download a key from a key server, it may include signatures from other people who affirm that it's the right one. If you know those people and know that you have the right key for them, you can have more confidence in the newly downloaded key. This verification process is also called the web of trust. Its advantage is that it's decentralized and not controlled by any authority, so you don't have to believe a certain company or government about which keys to use when writing to new people. Instead, you can believe your own social networks. One important disadvantage of the web of trust is that publishing signatures for other people's keys tells the whole world who your contacts are; it creates public evidence that you know particular people. Also, using the web of trust correctly requires a good deal of time and attention, and some communities rarely or never participate.
What happens if you lose access to a secret key, or it stops being secret? A revocation certificate is a file that you can generate that announces that you no longer trust that key. You generate it when you still have the secret key, and keep it for any future disaster.
In computer security, risk analysis is calculating the chance that threats might succeed, so you know how much effort to spend defending against them. There may be many different ways that you might lose control or access to your data, but some of them are less likely than others. Assessing risk means deciding which threats you are going to take seriously, and which may be too rare or too harmless (or too difficult to combat) to worry about. See threat modeling.
The technology that permits you to maintain a secure, encrypted connection between your computer and some of the websites and Internet services that you visit. When you're connected to a website through this technology, the address of the website will begin with HTTPS rather than HTTP. Officially, its name was changed to Transport Layer Security (TLS) in 1999, but many people still use the old name.
A way to confirm automatically that a public key is correct (is really the one that's used by a particular entity), in order to prevent man-in-the-middle attacks. Most often used by web sites to prove to your browser that you have a secure connection to the real site, and not to some other system that's tampering with your connection.
To supplement passwords, some systems use "security questions." These are queries to which only you are supposed to know the answer. The problem with security questions is that they are really just extra passwords that have potentially guessable or discoverable answers. We recommend you treat them as any other password: create a long, novel, random, phrase to answer them, and record that somewhere safe. So the next time your bank asks you your mother's maiden name, you should be ready to answer "Correct Battery Horse Staple" or similar.
A small, removable card that can be inserted into a mobile device in order to provide service with a particular mobile phone carrier. SIM (subscriber identity module) cards can also store phone numbers and text messages.
Historically, computers stored data on rotating magnetic discs. Mobile devices and increasing numbers of personal computers now store permanent data on non-moving drives. These SSD drives are currently more expensive, but much faster than magnetic storage. Unfortunately, it can be more difficult to reliably and permanently remove data from SSD drives.
SSH (or Secure Shell) is a method for letting you securely control a remote computer via a command line interface. One of the features of the SSH protocol is that as well as sending commands, you can also use it to securely relay Internet traffic between two computers. To set up an SSH link, the remote system needs to operate as an SSH server, and your local machine needs an SSH client program.
In computer security, a threat is a potential event that could undermine your efforts to defend your data. Threats can be intentional (conceived by attackers), or they could be accidental (you might leave your computer turned on and unguarded).
A way of narrowly thinking about the sorts of protection you want for your data. It's impossible to protect against every kind of trick or attacker, so you should concentrate on which people might want your data, what they might want from it, and how they might get it. Coming up with a set of possible attacks you plan to protect against is called threat modeling. Once you have a threat model, you can conduct a risk analysis.
An email address you use once, and never again. Used to sign up to Internet services without revealing an email address connected to your identity.
When you visit a website, your browser sends some information to that site's operators -- your IP address, other information about your computer, and cookies that link you to previous visits using that browser, for instance. If the website includes images and content taken from other web servers, that same information is sent to other websites as part of downloading or viewing the page. Advertising networks, analytics providers, and other data collectors may gather information from you in this way.
You can install additional software that runs alongside your browser and will limit how much information is leaked to third-parties in this way. The most well-known examples are programs that block advertisements. EFF offers a tool called Privacy Badger which is another traffic-blocking extension.
Encrypting data as it travels across the network, so that others spying on the network cannot read it.
"Something you know, and something you have." Login systems that require only a username and password risk being broken when someone else can obtain (or guess) those pieces of information. Services that offer two-factor authentication also require you to provide a separate confirmation that you are who you say you are. The second factor could be a one-off secret code, a number generated by a program running on a mobile device, or a device that you carry and that you can use to confirm who you are. Companies like banks, and major internet services like Google, PayPal and Twitter now offer two-factor authentication.
Most devices let you delete data from them; For instance, you can drag a file to the Trash icon, or press delete in a photo album. But deletion does not always mean that the original data is gone. Undelete programs are applications that can be used by the device's owner, or others with access to the device, to restore some data. Undelete programs are useful for those who accidentally delete their own data, and to those whose data might have been sabotaged, such as a photographer who has been compelled to remove images from their camera. However, those same programs can be a threat to anyone who wants to permanently erase confidential data. See How to Delete Your Data Securely for advice on wiping data, and how undelete programs work on modern devices.
Any technology that allows you to use the Internet for voice communication with other VoIP users or receive telephone calls over the Internet.
A virtual private network is a method for connecting your computer securely to the network of an organization on the other side of the Internet. When you use a VPN, all of your computer's Internet communications is packaged together, encrypted and then relayed to this other organization, where it is decrypted, unpacked, and then sent on to its destination. To the organization's network, or any other computer on the wider Internet, it looks like your computer's request is coming from inside the organization, not from your location.
VPNs are used by businesses to provide secure access to internal resources (like file servers or printers). They are also used by individuals to bypass local censorship, or defeat local surveillance.
Some forms of digital storage, like the flash memory used in solid-state drives (SSD) and USB sticks, can wear out if overwritten many times. Wear leveling is a method that spreads the writing of data evenly across all of the media to prevent one part of it being overwritten too many times. Its benefit is that it can make devices last longer. The danger for security-conscious users is that wear leveling interferes with secure erase programs, which deliberately try to overwrite sensitive files with junk data in order to permanently erase them. Rather than trusting secure erase programs with files stored on SSD or USB flash drives, it can be better to use full-disk encryption. Encryption avoids the difficulty of secure erasing by making any file on the drive difficult to recover without the correct passphrase.
A website that lets its users access other, blocked or censored websites. Generally, the web proxy will let you type a web address (or URL) onto a web page, and then redisplay that web address on the proxy page. Easier to use than most other censorship-circumventing services.
The program you use to view web sites on the Internet. Firefox, Safari, Internet Explorer and Chrome are all web browsers. Mobile devices have a web browser app for the same purpose.
A open standard for instant messages - Google uses XMPP for Google Talk; Facebook used to offer it, but stopped. Non-corporate independent instant messaging services will usually use XMPP. Services like WhatsApp have their own, closed and secret protocol.
A flaw in a piece of software or hardware that was previously unknown to the maker of the product. Until the manufacturers hear of the flaw and fix it, attackers can use it for their own purposes.