End-user Computer Security
Inexpensive security for individuals, sole traders, small businesses
Index (NOT FINISHED)
2FA [see ❱2-factor authentication]
2-factor authentication (2FA) [see ❱multi-factor authentication❱2-factor authentication]
2nd hand [see ❱second hand]
33c3 [see ❱33rd Chaos Communication Congress]
33rd Chaos Communication Congress (33c3) [see ❱33rd Chaos Communication Congress]
3D (3D means three dimensional)
3D-optimised hardware [see ❱hardware❱3D-optimised hardware]
minimally-above-average security (broad security principle) [see ❱broad security principles❱minimally-above-average security]
age of software, and devices
old mobile phone, mobile device (cf. §“Old or new phone”)
old version of software (cf. §“Vulnerability when used for software”)
average security [contrasts with ❱above-average security]
account security for your email account [see ❱electronic mail❱email account security]
acetone as a glue solvent [see ❱glue❱glue solvents❱acetone]
administrator account [see ❱operating system❱operating-system login account❱administrator account]
adversary [related to ❱computer security attack❱threat model]
affordable [see ❱costs❱affordable]
artificial intelligence (AI)
AI [see ❱artificial intelligence]
algorithms [see ❱programming❱algorithms]
alphabet [see ❱language❱alphabet]
Andrew "bunnie" Huang [see ❱persons (individuals named in book)]
Android (Android operating system for mobile devices) [see ❱operating system❱different operating systems]
amnesia and security in spite of it [see ❱security in spite of amnesia]
antivirus software on Android
app (type of software program)
Google Authenticator (key- and time- based app)
Archimedes’ principle [see ❱physical properties❱volume]
asymmetric cryptography [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography]
“at rest” security location
“at rest” shape retention (cf. §“Perhaps the simplest and best idea”)
attack (computer security attack)
different classes of attack
hardware hacking attack [see ❱hack❱security hacking❱hardware hacking]
health attack (e.g. causing fatigue, concentration/memory loss, by use of directed non-lethal energy weapons)
man-in-the-middle (MITM) attack
mind-reading psychic attack
“Inception” styled attacks
VDU signal interception attack
malicious sneaky replacement of full-disk encryption system with historic clone of system that has known vulnerabilities
bootloader (of computer system)
further writes to optical discs that are otherwise seemingly read-only
multi-booting (cf. §“Which OS?”) “...There is unlikely much point in dual-booting between Windows and Linux because if Windows is hacked,...” (cf. §“Qubes OS 4.0.3 side-by-side with other operating systems”) “...any such other OS should not be able to access or even ‘touch’ the Qubes OS installation, thereby hopefully safeguarding the Qubes installation from attacks conducted through the other presumably-less-secure OS.”
random access memory (see §“Magnetic storage: tapes vs. discs”)
attack window (cf. §Using_most_secure_window_of_time) [see ❱window of time❱attack window]
(cf. §“Rewritable media vs optical ROM discs”)
“destroy key when attacked” [see ❱keys❱digital key❱“destroy key when attacked”]
auditing source code [see ❱programming, coding, reprogramming❱source code❱auditing source code]
authentication keys [see ❱key❱digital key❱authentication key]
cross authentication of public-key-cryptography (aka asymmetric cryptography)
security certificates [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱security certificates❱cross authentication]
measuring physical properties for authentication
testing for security authentication [see ❱testing]
auto-power-off of laptop [see ❱powering computer systems❱automatic powering off of the laptop]
automatic powering off of the laptop [see ❱powering computer systems❱automatic powering off of the laptop]
backup, back-up (computer backup)
backing-up before factory reset
backing-up files (computer files)
after discovery of having been hacked
backing-up security keys and passwords [contrasts and can complement ❱key❱digital key❱destroying keys]
bad blocks (on digital storage media) [see ❱digital storage❱media❱bad blocks]
balance-of-probabilities [see ❱probability❱balance-of-probabilities]
banking (financial banking) [see ❱financial❱banking]
bare bones [see ❱systems❱properties❱bare bones]
Basic Input Output System (BIOS used in computer boot sequences) [see ❱boot❱bootloader❱first-stage boot loader]
“bells and whistles” [see ❱systems❱properties❱“bells and whistles”]
best practice (perhaps not complete)
for creating a read-only CD or DVD
for backing-up files after being hacked
BIOS [see ❱Basic Input Output System]
Bitcoin [see ❱financial❱currency❱cryptocurrency❱different currencies❱Bitcoin]
blackbox [see ❱systems❱properties❱blackbox]
Bluetooth [see ❱communication❱wireless communication❱types❱Bluetooth]
boot (computer’s startup sequence)
first-stage boot loader (such as in BIOS or UEFI)
not requiring second stage
Heads (built on top of Coreboot technology)
second-stage boot loader (no content at present)
cold, or warm booting (warm boot is also known as soft off/boot)
cold boot [see ❱powering computer systems❱system power states❱powered-off]
soft off/boot, warm boot [see ❱powering computer systems❱system power states❱soft off/boot, warm boot]
Boots photo printing (UK) [see ❱business❱online printing businesses]
braille [see ❱language❱braille]
brain-reading [see ❱mental❱mind reading❱brain reading]
broad security principles
“destroy key when attacked” [see ❱data destruction❱“destroy key when attacked”]
geospatial-based broad security principles
measuring physical properties for authentication [see ❱authentication❱measuring physical properties for authentication]
minimally-above-average security
ordering many units of same product [see ❱order, ordering❱ordering many units of same product]
preventing lapses in security
publishing security methods
relying on high production cost of certain security tokens
report cyber-crime to the police [see ❱report, reporting❱report cyber-crime to the police]
stop funding the spies and hackers
think in terms of gradual movement along a security-level continuum
time-based broad security principles
“based on time passed” security principle
“based on time taken to forge” security principle
using most secure window of time
user randomly selecting unit from off physical shelves [see ❱business❱shop❱physical shop❱physical shelves]
browser for web/internet [see ❱web/internet browser]
building software [related to ❱programming]
build from source, compile from source
detecting malware by using reproducible builds [see ❱malware❱detecting malware in source code❱by using reproducible-builds protocol]
bubble wrap [see ❱shape flexibility❱bubble wrap]
budget (financial constraint) [see ❱costs❱financial constraints]
budget (cheap) [see ❱costs❱cheap]
burning, burn (writing CDs, DVDs, etc.) [see ❱hardware❱drives and readers❱optical disc drive❱optical disc writers❱writing optical discs❱optical disc writers❱writing optical discs]
burner phones [see ❱phones❱mobile phones❱burner phones]
business (intersects with manufacturer, producer)
business models (no content at present)
open-source vs. closed-source (no content at present)
company registration number
company registered office
names of different businesses named in book
GitHub [see ❱systems❱collaborative development❱GitHub]
online printing businesses
user randomly selecting unit from off physical shelves (broad security principle)
camera [related to ❱photography]
card readers for SD cards [see ❱hardware❱digital-storage hardware❱drives and readers❱card readers for SD cards]
cardboard [see ❱materials❱cardboard]
cardboard “restricted viewing enclosure” [see ❱view restriction❱cardboard “restricted viewing enclosure”]
compact disc [see ❱digital storage❱media❱non-microchip-based memory❱Random-access Memory❱dis(c|k)-based❱optical❱CDs]
certification authorities (for public-key-cryptography security certificates) [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱security certificates❱certification authorities❱]
certificates for security based on public-key cryptography (aka asymmetric cryptography) [see ❱security certificate for public-key cryptography]
channels (purchase channels) [see ❱purchasing❱purchase channels]
changing passwords and keys
changing password to one previously used [see ❱password❱password reuse]
changing encryption keys frequently in FDE [see ❱cryptography, cryptographic❱full-system encryption, full-disk encryption❱frequent changing of encryption keys]
cheap [see ❱costs❱cheap]
China [see ❱countries mentioned in book❱China]
Chaos Communication Congress [see ❱organisations and businesses❱names of non-business organisations❱Chaos Communication Congress]
ChromeOS [see ❱operating system❱different operating systems]
Chromebook, Chromebox, Chromebit [see ❱personal computer❱different “ready-to-run” PCs marketed as products❱Chromebook, Chromebox, Chromebit]
Chrome web browser [see ❱web/internet browser]
Cipher [see ❱cryptography, cryptographic❱cipher]
client (in server-client computing model) [see ❱server-client computing model❱client]
cling film [see ❱materials❱transparent material❱cling film]
cloned physical key [see ❱key❱physical key❱cloned key]
closed/open source [see ❱open/closed source]
clouds [see ❱cloud computing❱clouds]
cloud computing [related to ❱server-client computing model] [related to ❱sandboxing]
Oracle Cloud [see ❱Oracle❱Oracle Cloud]
code (source code) [see ❱programming❱source code]
coding (programming) [see ❱programming]
cognitive power [see ❱mental❱cognitive power]
coin tossing [see ❱random❱generating randomness❱coin tossing]
collaborative development [see ❱systems❱collaborative development]
comparing files (computer files) [see ❱file❱file comparison]
'complete fake' attacks (computer security attack) [see ❱attack❱different classes of attack]
computer screen lock/locking (aka screensaver lock)
computer security attack [see ❱attack]
zero-knowledge authentication protocol
communication protocols for computing devices
protocols that are also standards
for wireless communication
NFC (Near-Field Communication)
Hypertext Transfer Protocol Secure (HTTPS) [related to ❱Transport Layer Security]
Transport Layer Security should be added here?
communicating trust in “proofs of work” associated with cryptocurrencies
devices used for communication?
file transfer, file transmission, sending files [see ❱file❱file transfer, file transmission, sending files]
gazettes as a means for overcoming MITM attacks
interception of communication in MITM attacks
family of attacks (blocking comms, imposture, stealing/spying of confidential information)
modes of message-based communication
email account security (email account security)
cf. two-step security for Google account
importance of electronic-mail account security (cf. §“National Cyber Security Centre”)
email encryption [covered under ..❱email security]
email security (email security) [related to ..❱email account security]
PGP (Pretty Good Privacy) cryptography for email security (could perhaps do with more content here, cf. Main_content❱Broad_security_principle#Example_2)
encrypting emails (no content at present)
digitally signing emails (cf. Main_content/Broad_security_principles#Example_2)
PGP cryptography in general [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱Pretty Good Privacy cryptography]
software for communication
OEM software as a means for communicating software to end-users?
printing as part of communication process
add public-key cryptography?
of files (no content at present) (❱file❱file/file transfer, file transmission, sending files❱secure communication of files) (cf. Appendix invention).
of public keys? Non-compromised communication of public keys. (cf. Appendix invention).
of security certificates by pre-installing them on computing devices?
of passwords? (flavour-encoding, etc.) (cf. Appendix invention)
add website publishing here?
server-client model vs. peer-to-peer model, for communications
wireless/wired communication
WiFi protocol [see ❱communication❱communication protocols for computing devices❱protocols that are also standards❱WiFi]
WiFi network [see ..❱..❱..❱networks❱WiFi network]
WiFi router [see ❱hardware❱router❱WiFi router]
NFC (Near-Field Communication)
NFC protocol [see ❱communication❱communication protocols for computing devices❱protocols that are also standards❱NFC]
Bluetooth protocol [see ❱communication❱communication protocols for computing devices❱protocols that are also standards❱NFC]
WiFi router [see ❱hardware❱router❱WiFi router]
serial/parallel port (no content at present)
conscious thoughts [see ❱mental❱conscious thoughts]
company (business) [see ❱business, company]
compile [see ❱building software❱compile]
combination lock briefcase
computer operating costs [see ❱costs❱operating costs❱computer operating costs]
computer security standards [see ❱cybersecurity standards]
Coreboot (BIOS/UEFI boot firmware system) [see ❱boot❱bootloader, first-stage boot loader]
affordable [related to ..❱cheap] (cf. UV tinting of already-owned glasses)
cheap (cf. low cost, cf. low price, cf. paper-based scrambler [which is cheap], cf. Report cybercrime to the police) [because OEM software is often cheap means for obtaining software, related to ❱software❱OEM software] [because open source is often cheap, associated with ❱open/closed source❱open source]
relying on high production cost of certain security tokens (broad security principle) [see ❱broad security principles, relying on high production cost of certain security tokens]
financial constraints, budget [related to ..❱affordable] [see ❱financial, financial constraints]
stop funding the spies and hackers (broad security principle) [see ❱broad security principles❱stop funding the spies and hackers]
countries mentioned in book
Netherlands [see ..❱Holland]
COVID-19 [see ❱coronavirus disease]
cracking passwords [see ❱password cracking]
crime reporting to the police, for cyber-crime [see ❱report, reporting❱report cyber-crime to the police]
cross authentication of digital security certificates [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱security certificates❱cross authentication]
cryptocurrencies/cryptocurrency [see ❱financial❱cryptocurrency]
cryptography, cryptographic
Algorithms [covered under ..❱protocols and algorithms]
cryptocurrencies/cryptocurrency [see ❱financial❱cryptocurrency]
full-disk encryption (FDE) [see ..❱full-system encryption, full-disk encryption]
encrypting emails using PGP security [covered under ..❱protocols and algorithms❱public-key cryptography❱Pretty Good Privacy cryptography❱PGP cryptography for email security]
encrypting a full system, a full disk [see ..❱full-system encryption, full-disk encryption]
encryption using passwords [see ❱password❱password encryption]
FDE [see ..❱full-system encryption, full-disk encryption]
full-system encryption, full-disk encryption (FDE)
frequent changing of encryption keys
password encryption [see ❱password❱password encryption]
asymmetric cryptography (aka public-key cryptography) [see ..❱public-key cryptography❱]
public-key cryptography (aka asymmetric cryptography, using public-private key pair, digital cryptography)
cryptocurrencies/cryptocurrency [see ❱financial❱cryptocurrency❱public-key cryptography]
digital signing/signatures of files (no particular content at present)
security by pre-loaded private key [see ❱systems❱design❱security by pre-loaded private key]
Pretty Good Privacy (PGP) cryptography
PGP cryptography for email security [see ❱electronic mail❱email security❱PGP cryptography for email security]
GNU Privacy Guard (GPG) [see ❱software tools, software utilities❱cryptography❱GPG]
Transport Layer Security (TLS) [related to ❱Hypertext Transfer Protocol Secure]
TLS security certificates
certification authorities
TLS security certificates [see ..❱..❱..❱Transport Layer Security❱TLS security certificates]
signing/signatures [see ..❱digital signing/signatures]
security certificates for public-key-cryptography (aka asymmetric-cryptography) authentication [see ..❱protocols and algorithms❱public-key cryptography❱security certificates]
security tokens for public-key cryptography [see ❱security tokens❱security tokens for public-key cryptography]
Google Authenticator (key- and time- based app) [see ❱app❱Google Authenticator]
cryptographic software tools, software utilities [see ❱software tools, software utilities❱cryptography]
full-system encryption [see ..❱full-system encryption, full-disk encryption]
tokens for public-key cryptography [see ❱security tokens❱security tokens for public-key cryptography]
currency [see ❱financial❱currency]
cybersecurity standards [see ❱standards❱standards for security❱cybersecurity]
“data at rest” [see ❱“at rest” data]
data destruction [contrasts and can complement ❱backup❱]
“destroy key when attacked” [contrasts and can complement ❱backup❱backing-up security keys and passwords]
crypto shredding [contrasts and can complement ❱backup❱backing-up security keys and passwords]
deleting files [see ❱file❱file deletion]
design of systems [see ❱systems❱design]
“destroy key when attacked” (broad security principle) [see ❱broad security principles❱“destroy key when attacked”]
destructive measuring [see ❱measuring method types]
detecting malware in source code [see ❱malware❱detecting malware in source code]
deteriorate (cf. deterioration in factory resets)
deterioration due to frequent changing of encryption keys in FDE [see ❱cryptography, cryptographic❱full-system encryption, full-disk encryption❱frequent changing of encryption keys]
imitation diamonds (see dedicated index entry)
dice (rolling dice) [see ❱random❱generating randomness❱rolling dice]
diffraction [see ❱optical effects]
diff [see ❱software tools, software utilities❱file comparison❱diff]
diffoscope [see ❱software tools, software utilities❱file comparison]
digital camera [see ❱camera❱digital camera]
digital certificates for security based on public-key cryptography (aka asymmetric cryptography) [see ❱security certificate for public-key cryptography]
digital signing/signatures [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱digital signing/signatures]
microchip-based computer memory (hardware-based)
ROM (Read-only Memory) [see ❱memory❱ROM]
RAM (Random-access Memory) [see ❱memory❱RAM]
flash memory [see ❱memory❱flash memory]
non-microchip-based memory (hardware-less)
all types, alphabetical listing
compact disc (CD) [see ..❱..❱Random-access Memory❱dis(c|k)-based❱optical/compact disc]
digital versatile disc (DVD) [see ..❱..❱Random-access Memory❱dis(c|k)-based❱optical❱digital versatile disc]
floppy disk [see ..❱..❱Random-access Memory❱dis(c|k)-based❱magnetic❱floppy disk]
hard disk drive (HDD) [see ..❱..❱Random-access Memory❱dis(c|k)-based❱magnetic❱hard disk drive]
holographic data storage [see ..❱..❱Random-access Memory❱holographic data storage]
magnetic-optical tape [see ..❱..❱Sequential-access Memory❱tape❱magnetic-optical]
magnetic-optical discs [see ..❱..❱Random-access Memory❱dis(c|k)-based❱magnetic-optical❱magnetic-optical discs]
magnetic tape (e.g. cassette tapes) [see ..❱..❱Sequential-access Memory❱tape❱magnetic]
optical tape [see ..❱..❱Sequential-access Memory❱tape❱optical]
SAM [see ..❱Sequential-access Memory]
Sequential-access Memory (SAM)
drives for such media [see ❱hardware❱digital-storage hardware❱drives and readers❱tape drives]
RAM [see ..❱Random-access Memory]
Random-access Memory (RAM)
optical ROM (read-only memory) discs [read-only CDs, read-only DVDs, etc.]
writing (aka burning) optical ROM discs
as live DVDs, or live CDs
burner for such media [see ..❱writer for such media]
digital versatile disc (DVD)
drive for such media [see ❱hardware❱digital-storage hardware❱drives and readers❱optical disc drives]
writer (burner) for such media [covered under ..❱“drive for such media”]
drive for floppy disks [see ❱hardware❱digital-storage hardware❱drives and readers❱floppy disk drive]
holographic data storage (no information at present)
hardware [see ❱hardware❱digital-storage hardware]
full-disk encryption (FDE) [see ❱cryptography, cryptographic❱full-system encryption, full-disk encryption]
DIY [see ❱Do It Yourself]
DIY ultrasound imaging kit [see ❱physical properties❱images]
DIY security principle (broad security principle) [see ❱broad security principles❱DIY security principle]
drives (computer drive) and readers (card readers for computer systems) [see ❱hardware❱digital-storage hardware❱drives and readers❱]
dual-booting (a special instance of multi-booting) [see ❱boot❱multi-booting]
Digital Video Disc [see ❱Digital Versatile Disc]
Digital Versatile Disc [see ❱digital storage❱media❱non-microchip-based memory❱Random-access Memory❱dis(c|k)-based❱optical❱DVDs]
DVD [see ❱Digital Versatile Disc]
eavesdropper, eavesdropping [see ❱spy❱eavesdropper]
Eiffel (Eiffel programming language) [see ❱programming❱programming languages❱Eiffel]
electronic keyboard signals
electric field imaging [see ❱physical properties❱image]
electronic mail [see ❱communication❱electronic mail]
electromagnetic radiation
email [see ❱communication❱electronic mail]
EM radiation [see ❱electromagnetic radiation]
embedded microcontrollers
emoji [see ❱language❱emoji]
emulators (type of software that emulates another software)
Wine Is Not an Emulator (Wine) (Windows emulator for Unix-like operating systems)
encryption [covered under ❱cryptography, cryptographic❱]
error correction algorithms
Essex police [see ❱police]
evil maid attack [see ❱attack❱different classes of attack]
Expensive [see ❱costs❱expensive]
fat clients [see ❱server-client computing model❱client❱thin/fat clients❱fat clients]
FDE (full-disk encryption, full-system encryption) [see ❱cryptography, cryptographic❱full-system encryption, full-disk encryption]
file (computer file) [related to ❱digital storage]
backing up files [see ❱backup❱backing up files]
digital-signing of files, and the use of such signatures [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography❱digital signing/signatures❱of files]
to detect malware introductions when using reproducible-builds protocol
byte-for-byte comparison [see ❱byte-for-byte comparison for general treatment of byte-for-byte comparison]
software tools and utilities [see ❱software tools, software utilities❱file comparison]
file deletion (no particular content at present)
recoverable deletion (no particular content at present)
data sanitisation [falls under ❱data destruction❱data sanitisation]
file transfer, file transmission, sending files
downloads, downloading (no particular content at present) [falls under ❱downloads, downloading]
secure communication of files [see ❱secure communication❱of files]
malware in files (no particular content at present) [see ❱malware❱malware in files]
“based on time taken to forge” broad security principle [see ❱broad security principles❱time-based broad security principles❱“based on time taken to forge” security principle]
financial [related to ❱costs]
bank references (transaction references)
bank transactions [see ❱financial❱financial transactions❱bank transactions]
bank systems [see ❱financial❱financial systems❱bank systems]
Bitcoin keys [see ..❱..❱..❱cryptocurrency keys❱Bitcoin keys]
cryptocurrency security [see ❱standards❱security standards❱cryptocurrency]
cryptocurrency systems [see ❱financial❱financial systems❱cryptocurrency systems]
cryptocurrency transactions [see ❱financial❱financial transactions❱cryptocurrency transactions]
public-key cryptography (using public-private key pair, aka asymmetric cryptography)
public-key cryptography in general [see ❱cryptography, cryptographic❱protocols and algorithms❱public-key cryptography]
financial constraints, budget [see ❱costs❱financial constraints❱budget]
cryptocurrency systems (no particular information at present)
cryptocurrency (such as Bitcoin) transactions
cryptocurrency security [see ❱standards❱security standards❱cryptocurrency]
treasure map [see ❱treasure map]
flash memory [see ❱memory❱flash memory]
floppy disk [see ❱digital storage❱non-microchip-based memory❱Random-access Memory❱dis(c|k)-based❱magnetic❱floppy disk]
full-system encryption, full-disk encryption (FDE) [see ❱cryptography, cryptographic❱full-system encryption, full-disk encryption]
Gas Chromatography Mass Spectrometry machine
GC-MS machine [see ❱Gas Chromatography Mass Spectrometry]
GDPR [see ❱General Data Protection Regulation]
General Data Protection Regulation [see ❱legislation❱GDPR]
geographic areas [see ❱geospatial]
geographic areas, geographies
see countries mentioned in book
geospatial-based broad security principles [see ❱broad security principles❱geospatial-based broad security principles]
Germany [see ❱countries mentioned in book❱Germany]
GitHub [see ❱systems❱collaborative development❱GitHub]
Glacier protocol [see ❱standards❱security standards]
glare [see ❱optical effects]
glasses (looking glasses, spectacles)
Google Authenticator (key- and time- based app) [see ❱apps]
GNU’s-Not-Unix! Privacy Guard (GPG) [see ❱software tools, software utilities❱cryptography❱GPG]
GNU Privacy Guard (GPG) [see ❱software tools, software utilities❱cryptography❱GPG]
GPG [see ❱software tools, software utilities❱cryptography❱GPG]
Greek alphabet [see ❱language❱alphabet❱non-latin alphabet❱Greek alphabet]
graphical user interface (GUI) (for computing)
gravitational weight [see ❱physical properties❱weight]
GUI [see ❱graphical user interface]
backing up files after discovery of having been hacked [see ❱backup❱backing up files❱after discovery of having been hacked]
stop funding the spies and hackers (broad security principle) [see ❱broad security principles❱stop funding the spies and hackers]
hand-made paper [see ❱natural hand-made paper]
hardware (computer hardware)
drives (computer drive) and readers (card readers for computer systems)
card readers for SD cards [see ❱memory [microchip-based computer memory]❱flash memory❱Secure Digital cards❱readers]
writing (aka burning) optical discs
writing (aka burning) optical ROM discs (can be DVDs, CDs) [see ❱digital storage❱non-microchip-based memory❱Random-access Memory❱dis(c|k)-based❱optical❱optical ROM discs❱writing optical ROM discs]
hardware-less media (for digital storage) [see ❱digital storage❱media❱non-microchip-based memory]
hardware-based media (for digital storage) [see ❱digital storage❱media❱non-microchip-based memory]
hardware hacking [see ❱hack❱security hacking❱hardware hacking]
hardware considered as either open-source or closed-source
open-source hardware [opposite of ..❱closed-source hardware]
Novena open-source computing hardware platform
(cf. USB device firmware specifications being more open)
closed-source hardware [opposite of ..❱open-source hardware]
(cf. SD card firmware not having open specifications?)
open/closed source in general [see ❱open/closed source]
hardware researchers/specialists
hard disk drive [see ❱digital storage❱non-microchip-based memory❱Random-access Memory❱dis(c|k)-based❱magnetic❱hard disk drive]
Haven: Keep Watch [see ❱apps]
HDD [see ❱hard disk drive]
Heads (BIOS/UEFI boot firmware system) [see ❱boot❱bootloader❱first-stage boot loader]
hibernate (a computer’s hibernate mode) [see ❱powering computer systems❱system power states❱hibernate]
higher-level programming language [see ❱programming❱programming languages❱higher-level programming language]
high-risk, high-sensitivity
historic version of the software [see ❱old software, old devices]
historic software (historic version of the software) [see ❱historic version of the software]
deceptive fake (cf. forgery) (cf. evil maid attack where computer is replaced with deceptive fake) cf. “A counter-argument to using this protocol is that adversaries with supercomputers can easily fake such numbers of coins...”
Holland [see ❱countries mentioned in book❱Holland]
hologram, holography, holographic
holographic data storage [see ❱digital storage❱non-microchip-based memory❱Random-access Memory❱holographic data storage]
home and mobile working [related to ❱remote working]
HTTPS [see ❱communication❱communication protocols for computing devices❱protocols that are also standards❱Hypertext Transfer Protocol Secure❱]
Hypertext Transfer Protocol Secure [see ❱communication❱communication protocols for computing devices❱protocols that are also standards❱Hypertext Transfer Protocol Secure❱]
magnetic image [see ❱physical properties❱image]
magnetic resonance imaging [see ❱physical properties❱magnetic resonance imaging]
visual image [see ❱physical properties❱image]
radio-frequency imaging [see ❱physical properties❱image]
RF imaging [see ❱physical properties❱image]
electric field imaging [see ❱physical properties❱image]
photography [see ❱photography]
T ray [see ❱physical properties❱image❱t ray]
X ray [see ❱physical properties❱image❱x ray]
ultrasound image [see ❱physical properties❱image❱ultrasound image]
“Inception” (the film)
“Inception” styled attacks [see ❱attack❱different classes of attack❱mind-reading psychic attack❱“Inception” styled attacks]
deep hardware hacking [see ❱hack❱security hacking❱hardware hacking❱deep hardware hacking]
infra-red scanning [see ❱physical properties]
infrared filter [see ❱physical properties]
ink paper marbling [see ❱paper❱ink paper marbling]
input/output (input and output aspect of computing hardware)
I/O [see ❱Input/Output]
infra red [see ❱physical properties❱infra red]
installation software [see ❱software❱installation software]
intellectual property concerning source code and designs
open source [opposite of ..❱closed source]
open source in general [see ❱open/closed source❱open source]
closed source [opposite of ..❱open source]
closed source in general [see ❱open/closed source❱closed source]
internal Read-Only Memory (of a computer system)
internal ROM [see ❱internal Read-Only Memory]
internet research (cf. internet searching)
internet bandwidth, internet quota
internet browser [see ❱web/internet browser]
inventions for security [see ❱security invention]
keyboard (computer keyboard)
asymmetric cryptography [aka public-key cryptography] [see ..→public-key cryptography→]
backing-up security keys [covered under →backup→backing-up security keys and passwords]
destroying keys [contrasts and can complement →backup→backing-up security keys and passwords]
crypto shredding [see →data destruction→crypto shredding]
"destroy key when attacked" [see →data destruction→"destroy key when attacked"]
frequent changing of encryption keys in FDE [see →cryptography, cryptographic→full-system encryption, full-disk encryption→frequent changing of encryption keys]
public-key cryptography (using public-private key pair, aka asymmetric cryptography)
PGP (Pretty Good Privacy) public key [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→PGP public key]
private key [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→private key]
public key [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→public key]
Bitcoin keys [see →financial→currency→cryptocurrency→different currencies→Bitcoin→Bitcoin keys]
tokens for public-key-cryptography keys [see →security tokens→security tokens for public-key cryptography]
physical key [related to →physically lock, physical lock→physical-key lock]
cloned key [see →cloned key]
key scrambler (aka keyboard scrambler)
Kodak online printing (UK business) [see →business→online printing businesses]
programming language [see →programming→programming language]
lapse(s) in security [see →security lapse]
Latin alphabet [see →language→alphabet]
legislation (hardly any content at present)
GDPR (General Data Protection Regulation)
Linux (OS) [see →operating system→different operating systems]
location (geospatial) [see →geospatial]
lock (physical) [see →physical lock]
locking, and lock for, computer screen [see →computer screen lock/locking]
log-off (no particular content at present?)
loud alarm [see →alarm→loud alarm]
low cost [see →costs→cheap]
magnetic fields, magnetism, magnet, magnetic
magnetic tape (computer storage, eg. cassette tapes) [see →digital storage→non-microchip-based memory→Sequential-access Memory→tape→magnetic]
magnetic-optical [see →magnetic-optical]
magnetic weight [see →physical properties→weight]
magnetic image [see →physical properties→image]
magnetic resonance imaging [see →physical properties→magnetic resonance imaging]
MRI [see →physical properties→magnetic resonance imaging]
tape [see →digital storage→non-microchip-based memory→Sequential-access Memory→tape→magnetic-optical]
discs [see →digital storage→non-microchip-based memory→Random-access Memory→dis(c|k)-based→magnetic→magnetic-optical discs]
magnetic tape (computer storage, eg. cassette tapes) [see →digital storage→non-microchip-based memory→sequential-access Memory→tape→magnetic]
malware in files (no particular content at present)
detecting malware in source code
by using reproducible-builds protocol
file-comparison aspect [see →file→file comparison→to detect malware introductions when using reproducible-builds protocol]
manufacturer, producer (intersects with business) (manufacturers and producers named in book)
OEM [see →original equipment manufacturer]
cf. provider's authentication server in §"Security by pre-loaded private key"
<different manufacturer names>
marbling (paper marbling) [see →paper→paper marbling]
Mark Fernandes [see →persons]
acetone [see ..→glue solvents→acetone]
bubble wrap [see ..→unrepeatable-pattern materials→shape-retentive materials that are very easily deformed→bubble wrap]
cling film [see ..→transparent material→cling film]
crumpling plastic material [see ..→shape-retentive material that is very easily deformed→plastic that crumples]
foam peanuts [see ..→unrepeatable-pattern materials→polystyrene pieces→foam peanuts]
foil (reflective foil) that is shredded [see ..→unrepeatable-pattern materials→shredded→shredded reflective foil]
glitter nail varnish [see ..→unrepeatable-pattern materials→glitter nail varnish]
hand-made paper [see ..→paper→hand-made paper]
holographic material that is shredded [see ..→unrepeatable-pattern materials→shredded→shredded holographic material]
imitation diamonds [see ..→transparent material→imitation diamonds]
ink-marbled paper [see ..→paper→ink-marbled paper]
mylar x-ray film [see ..→x-ray film→mylar x-ray film]
newspaper [see ..→paper→newspaper]
tea-bag marbled stained paper
plastic, transparent pouch/bag material [see ..→transparent material→plastic pouch/bag material]
plastic that crumples [see ..→unrepeatable-pattern materials→shape-retentive material that is very easily deformed→plastic that crumples]
polystyrene pieces [see ..→unrepeatable-pattern materials→polystyrene pieces]
printer paper [see ..→paper→printer paper]
reflective foil that is shredded [see ..→unrepeatable-pattern materials→shredded→shredded reflective foil]
rice grains [see ..→unrepeatable-pattern materials→rice grains]
shredded [see ..→unrepeatable-pattern materials→shredded]
shell-suit material [see ..→unrepeatable-pattern materials→shape-retentive material that is very easily deformed→shell-suit material]
silk [see ..→unrepeatable-pattern materials→shape-retentive material that is very easily deformed→silk]
super glue [see ..→glue→super glue]
tea-bag marbled stained paper [see ..→paper→tea-bag marbled stained paper]
tie-dye material [see ..→unrepeatable-pattern materials→materials that might be suitable→tie-dye material]
cling film [related to ..→..→unrepeatable-pattern materials→shredded→shredded cling film]
imitation diamonds [related to ..→..→unrepeatable-pattern materials→imitation diamonds]
plastic pouch/bag material
transparent beads [related to ..→..→unrepeatable-pattern materials→transparent beads]
transparent plastic that is shredded [related to ..→..→unrepeatable-pattern materials→shredded→shredded transparent plastic]
unrepeatable-pattern materials
materials that might be suitable
ink-marbled paper [see ..→..→..→paper→ink-marbled paper]
newspaper [see ..→..→..→paper→newspaper]
printer paper [see ..→..→..→paper→printer paper]
tea-bag marbled stained paper [see ..→..→..→paper→tea-bag marbled stained paper]
tie-dye material [see ..→..→..→paper→tie-dye material]
shape-retentive materials that are very easily deformed
shredded holographic material
shredded paper [see ..→..→..→paper→shredded paper]
shredded transparent plastic
Matthew Garrett [see →persons]
measurements, readings of physical properties [see →physical properties→readings→measuring]
memory (microchip-based computer memory)
ROM [see →Read-only Memory]
RAM [see →Random-access Memory]
NOR flash (NOR stands for the not-or logic gate)
NAND flash (NAND stands for the not-and logic gate)
SD cards [see →Secure Digital cards also in this group]
Secure Digital cards (SD cards)
smartphone internal SD cards
readers for SD cards [see →hardware→digital-storage hardware→drives and readers→card readers for SD cards]
SSD [see →solid-state drive]
mindset of hackers [see →hack→security hacking→mindset of hackers]
psychic attack [see →attack→different classes of attack→mind-reading psychic attack]
security in spite of amnesia [see →security in spite of amnesia]
MFA [see →multi-factor authentication]
microwave oven [see →microwave testing]
other policies (no content at present)
mindset of hackers [see →hack→security hacking→mindset of hackers]
minimally-above-average security (broad security principle) [see →broad security principles→minimally-above-average security]
multi-factor authentication (MFA)
2-factor authentication (special instance of MFA)
Micah Lee (a long-time Qubes advocate)
microchip (computer microchip, chip is abbreviation)
microchip-based computer memory [see →memory [microchip-based computer memory]]
Micro SD cards [see →Secure Digital cards]
mind reading [see →mental→mind reading]
memory stick [see →USB memory stick]
Michael A. Caloyannides [see →persons]
MITM [see →Man In The Middle]
mobile phone [see →phones→mobile phones]
mobile working [see →home and mobile working]
monetary amounts [see →financial→currency→money→monetary amounts]
Morse code [see →language→Morse code]
motion detector alarms [see →alarms→motion detector alarms]
multi-step security [see →MFA]
multi-booting [see →boot→multi-booting]
mylar x-ray film [see →physical properties]
naked eye [related to →visible spectrum]
National Cyber Security Centre for the UK (NCSC) [see →organisations and businesses→names of non-business organisations→National Cyber Security Centre]
NCSC [see →organisations and businesses→names of non-business organisations→National Cyber Security Centre]
Neo public-key-cryptography USB security tokens [see →security tokens→security tokens for public-key cryptography→USB tokens→brands→Yubikey, Yubico→Neo]
Near Field Communications (NFC) [see →communication→wireless communication→types→NFC]
new software, and devices [see →age of software, and devices→new]
Netherlands [see →countries mentioned in book→Netherlands]
network for wireless communication [see →communication→wireless communication→network]
newspaper [see →paper→newspaper]
NFC [see →communication→wireless communication→types→NFC]
Nitrokey brand of USB security tokens [see →security tokens→security tokens for public-key cryptography→USB tokens→brands→Nitrokey]
noise (random noise) [related to →unrepeatable pattern]
non-Latin alphabet [see →language→alphabet]
non-verbal symbol [see →language→non-verbal symbol]
NOR flash (flash microchip memory) [see →memory [microchip-based computer memory]→flash memory]
NAND flash (flash microchip memory) [see →memory [microchip-based computer memory]→flash memory]
non-invasive measuring methods [see →measuring method types→non-invasive]
non-destructive measuring methods [see →measuring method types→non-destructive]
Novena open-source computing hardware platform [see →hardware→hardware considered as either open-source or closed-source→open-source hardware→Novena open-source computing hardware platform]
obtaining software [see →software→obtaining software→]
original equipment manufacturer (OEM) software [see →software→OEM software]
OEM software [see →software→OEM software]
old software, and devices [see →age of software, and devices→old]
online printing business [see →business→online printing business]
online shop [see →business→shop→online shop]
considered as a business model [see →business→business models→open-source vs. closed-source]
open source [opposite of ..→closed source]
open source source code [see →programming→source code→source code considered as either open source or closed source→open source source code]
open source hardware [see →hardware→hardware considered as either open-source or closed-source→open-source hardware]
open source considered as intellectual property [see →intellectual property→intellectual property concerning source code and designs→open source]
closed source [opposite of ..→open source]
closed source source code [see →programming→source code→source code considered as either open source or closed source→closed source source code]
closed source hardware [see →hardware→hardware considered as either open-source or closed-source→closed-source hardware]
closed source considered as intellectual property [see →intellectual property→intellectual property concerning source code and designs→closed source]
optical disc (such as CDs and DVDs) [see →digital storage→media→non-microchip-based memory→Random-access Memory→optical→dis(c|k)-based]
optical ROM discs (read-only CDs, read-only DVDs, etc. {ROM=read-only memory}) [see →digital storage→media→non-microchip-based memory→Random-access Memory→optical→optical ROM discs]
translucency (no content at present)
diffraction [related to interference patterns in →hologram, holography..]
stereoscopy (no content at present)
moving images revealed in holograms by moving hologram.
optical tape [see →digital storage→media→non-microchip-based memory→Sequential-access Memory→tape→optical]
option ROMs (ROM=read-only memory)
Oracle Cloud compute instance
Oracle Cloud Linux [see →operating system→different operating systems]
Oracle Cloud Linux compute instance
organisations and businesses
business [see →business]
names of non-business organisations
Chaos Communication Congress
Essex police [see ..→governmental→police→Essex police]
National Cyber Security Centre (NCSC) [see ..→governmental→country-specific→UK→National Cyber Security Centre]
Qubes OS project (for general info about Qubes OS) [see →Qubes OS]
Raspberry Pi Foundation (for general info about Raspberry Pi technology) [see →Raspberry Pi]
Wikimedia Foundation (for general info about Wikipedia, which is owned by the foundation) [see →Wikipedia]
National Cyber Security Centre (NCSC)
Essex police [see ..→..→country-specific→UK→Essex police]
names of organisations and businesses
certification authorities
Chaos Communication Congress
GitHub [see →systems→collaborative development→GitHub]
National Cyber Security Centre (NCSC)
secret criminal societies
operating system (OS) (base platform software for using a computer)
different operating systems
general info about Raspberry Pi technology [see →Raspberry Pi]
Android operating system (for mobile devices)
operating-system login account
operating costs [see →costs→operating costs]
order, ordering (request for product/service) [related to →purchasing]
compared with non-order acquisition of goods (ordering is prone to MITM attacks)
ordering many units of same product (broad security principle)
ordering goods requiring physical transit to customer
security for goods in physical transit [see →physical transit→security for goods in physical transit]
returning orders [see →product return]
OS (operating system) [see →operating system]
outside the box [see →mental→thinking outside the box]
tea-bag marbled stained paper
hand-made paper [see →natural hand-made paper]
changing passwords [covered under →changing passwords and keys]
password manager (aka password vault)
communicating passwords (cf. Appendix)
rate limiting in password attempts
pattern (graphical pattern)
different "ready-to-run" PCs marketed as products
Chromebook, Chromebox, Chromebit [see →server-client computing model→client→web client computers→Chromebook, Chromebox, Chromebit]
persons (individuals named in book)
Andrew "bunnie" Huang (computer hardware researcher and specialist)
Mark Fernandes (software developer, original author of this book)
Matthew Garrett (technologist, software developer, worked on secure boot protocol)
Michael A. Caloyannides (author of "Desktop Witness: The Do's and Don'ts of Personal Computer Security")
Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system)
PC [see →personal computer]
Cf. Raspberry Pi, cf. peer review in "build from source" section, cf. publishing security methods section (in broad principles section)
peripheral (computer peripheral)
old mobile phone [see →age of software, and devices→old→old mobile phone, mobile device]
new mobile phone [see →age of software, and devices→new→new mobile phone→mobile device]
internal SD cards in smartphones [see →memory [microchip-based computer memory]→flash memory→SD cards→smartphone internal SD cards]
PGP public key [see →cryptography, cryptographic→protocols and algorithms→Pretty Good Privacy cryptography→PGP public key]
PGP cryptography [see →cryptography, cryptographic→protocols and algorithms→Pretty Good Privacy cryptography]
photography, photograph, photographing
visible-spectrum photography
security-photo matching software [see →software→security-photo matching software]
physical isolation (cf. §"Based on time passed")
physical key [see →key→physical key]
physically lock, physical lock [related to →safe]
physical-key lock [related to →key→physical key]
magnetic resonance imaging
RF imaging [see below, radio-frequency imaging]
photography [see →photography]
T ray (Terahertz radiation scan analogous to an x ray)
DIY ultrasound imaging kit
measuring physical properties for authentication [see →authentication→measuring physical properties for authentication]
radio-frequency detection
physical shelves [see →business→shop→physical shop→physical shelves]
physical shop/store [see →business→shop→physical shop]
security for goods in physical transit
pinhole (pinhole material)
plastic bags [see →shape flexibility→plastic bag]
platform (computer platform)
polarisation [see →optical effects]
Essex police [see →organisations and businesses→names of non-business organisations→Essex police]
report cyber-crime to the police [see →report, reporting→report cyber-crime to the police]
polarised (polarised optical filter)
polystyrene pieces (such as those used for cushioning parcelled items) [see →foam peanuts]
porting source code to higher-level programming language [see →programming→source code→porting source code to higher-level programming language]
power states (system power states) [see →powering computer systems→system power states]
powering computer systems
system power states (for computer system)
hibernate (s4) (no content at present)
soft off/boot, warm boot (s5) (no content at present)
powered-off (step in cold booting) (G3) (cf. securing bootloader when in powered-off...) (there are two types of shutdown {G3}: graceful and hard)
Pretty Good Privacy (PGP) cryptography [see →cryptography, cryptographic→protocols and algorithms→Pretty Good Privacy cryptography]
principles of security that are broad [see →broad security principles]
3D printers (3D=three-dimensional, no content at present)
printer paper [see →paper→printer paper]
privacy screen filters [see →privacy screens [filters]]
programming, coding, reprogramming [related to →hack→hacker culture]
porting source code to higher-level programming language [see ..→..→source code→porting source code to higher-level programming language]
higher-level programming language
porting source code to higher-level programming language [see ..→..→..→source code→porting source code to higher-level programming language]
cryptography algorithms [see →cryptography, cryptographic→algorithms]
by using collaborative development [see →systems→collaborative development→when used for auditing source code changes]
detecting malware in source code [see →malware→detecting malware in source code]
porting source code to higher-level programming language
building from source [see →building software→building from source]
source code considered as either open source or closed source
open source source code [opposite of ..→closed source/source code]
closed source source code [opposite of ..→open source source code]
open/closed source in general [see →open/closed source]
probability, probabilistic [related to →random]
product ordering [see →order, ordering]
proof of work [see →financial→cryptocurrencies→proof of work]
pronunciation [see →language→pronunciation]
pros vs cons (for and against)
for cryptography [see →cryptography, cryptographic→protocols and algorithms]
for communication [see →communication→communication protocols for computing devices]
that are also standards [see →standards→protocols]
reproducible-builds protocol [see →building software→reproducible builds]
zero-knowledge authentication protocol
psychic [see →mental→mind reading→psychic]
PS/2 (keyboard interface standard, PS/2 means IBM Personal System/2, IBM stands for International Business Machines and is a technology company)
public authentication PGP key [see →key→digital key→public-key cryptography→PGP public key]
private key [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→private key]
"private-public key pair" encryption [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography]
public key [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→public key]
public-key cryptography (aka asymmetric cryptography) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography]
"public-private key pair" encryption [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography]
publishing security methods (broad security principle) [see →broad security principles→publishing security methods]
purchase, purchasing [related to →ordering]
costs of purchases [see →costs]
purchasing software [intersects with →software→obtaining software→]
refunds for purchases [see →financial→refund]
returning purchased products [see →product return]
shop from which purchases can be made [see →business→shop]
QC parameters [see →quality-control parameters]
quality-control parameters
quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit) [see →testing]
Qubes OS / Qubes [see →operating system→different operating systems]
entity behind Qubes OS [see →organisations and businesses→names of non-business organisations→Qubes OS project]
radio-frequency imaging (RF imaging) [see →physical properties]
radio-frequency detection (RF detection) [see →physical properties]
radio-frequency fields [see →RF fields] [see →physical properties]
random [related to →probability]
Random Access Memory (RAM)
user randomly selecting unit from off physical shelves (broad security principle) [see →business→shop→physical shop→physical shelves]
RAM [contrasts with →SAM] [see →random→Random Access Memory]
Raspberry Pi OS [see →operating system→different operating systems]
creator (of Raspberry Pi products) [see →organisations and businesses→names of non-business organisations→Raspberry Pi Foundation]
readers (card readers for computer systems) [covered under →hardware→digital-storage hardware→drives and readers→]
microchip-based computer memory [see →digital storage→media, microchip-based computer memory→ROM]
optical ROM discs (eg. read-only CDs, read-only DVDs) [see →digital storage→media→non-microchip-based memory→Random-access Memory→dis(c|k)-based→optical]
recycle, recycled, recycling
recycled paper [see →paper→recycled paper]
refund [see →financial→refund]
reflectivity [see →optical effects]
refractivity [see →optical effects]
regulation (a type of legislation) [see →legislation]
restricted viewing enclosure [see →view restriction→cardboard "restricted viewing enclosure"]
remote control (remotely controlling computer)
remote working [related to ..→home and mobile working]
replay attack [see →attack→different classes of attack]
report cyber-crime to the police (broad security principle)
reproducible builds [see →building software→reproducible builds]
response and recovery (cf. §"What to do when you discover your computer has been hacked")
return (product return) [see →product return]
RF (radio frequency) [see →radio frequency]
rolling dice [see →random→generating randomness→rolling dice]
ROM [see →Read-only Memory]
router [see →hardware→router]
safe (physical safe) [related to →physically lock, physical lock]
SAM [contrasts with →RAM] [see →Sequential Access Memory]
sandboxing [related to →cloud computing]
screensaver lock [covered under →computer screen lock/locking]
screen lock [covered under →computer screen lock/locking]
computer screws [see →computer screws]
scorched earth [see →military→military policy→scorched earth]
SD card [see →Secure Digital card]
Secure Digital card (SD card) [see →memory→flash memory→SD card]
second hand (used goods, services, etc.) (not brand new)
second hand shop [see →business→shop→second-hand shop]
secure communication [see →communication→secure communication]
security in spite of amnesia (cf. security reminders)
security by pre-loaded private key [see →systems→design→security by pre-loaded private key]
security via mass adoption
secret criminal society [see →secret society→secret criminal society]
security in cyber secure systems and their design [see →design→design of cyber secure systems]
security alarm [see →alarm→security alarm]
security certificate for public-key cryptography (aka asymmetric cryptography)
security certificate for public-key cryptography [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→security certificates]
security certificate for Transport Layer Security (TLS) (digital security certificate) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→Transport Layer Security→TLS security certificates]
security community, security researchers
security derived from source-code auditing
preventing lapses in security [see →broad principles→preventing lapses in security]
security level (complements "threat model" concept)
think in terms of gradual movement along a security-level continuum (broad security principle)
[see →broad security principles→think in terms of gradual movement along a security-level continuum]
security location for resting [see →"at rest" security location]
security method publishing (broad security principle) [see →broad security principles→publishing security methods]
security-photo matching software [see →software→security-photo matching software]
security principles that are broad [see →broad security principles]
security products and services (cf. §"National Cyber Security Centre")
GPG [see →software tools, software utilities→cryptography→GPG]
Google Authenticator (key- and time- based app)
combination lock briefcase
security rating [related to →security level] [see →standards→security standards→security rating]
security reminder (cf. Preventing lapses in security) (can sometimes overcome amnesia)
security standards [see →standards→security standards]
relying on high production cost of certain security tokens (broad security principle) [see →broad security principles→relying on high production cost of certain security tokens]
security tokens for public-key cryptography
general information on public-key cryptography [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography]
security whilst asleep [see →sleeping, and security when asleep]
security zone [related to →broad security principles→geospatial-based broad security principles]
Sequential Access Memory (SAM)
server [see →server-client computing model→server]
server-client computing model
client (client computer/software)
thin clients (similar to web client computers)
web client computers (similar to thin clients)
Chromebook, Chromebox, Chromebit
server (computer/software server)
Shamir's Secret Sharing [see →backup→backing-up security keys and passwords→Shamir's Secret Sharing]
shape retention "at rest" [see →"at rest" shape retention]
shape flexibility (cf. §"Perhaps the simplest and best idea")
(in relation to shell-suit material, silk scarves, bubble wrap, and plastic bags)
(in relation to bag/pouch)
shell-suit [see →shape flexibility→shell-suit]
physical shelves [see →business→shop→physical shop→physical shelves]
shop [see →business→shop]
shreds, shredding, shredder
shutdown (computer shutdown, there are two types: graceful and hard) [see →powering computer systems→system power states→sleep mode]
signing/signature (digital signatures in cryptography) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→digital signing→signatures]
silk scarf/scarves [see →shape flexibility→silk scarves]
single-key password mechanism
sleep (a computer's sleep mode) [see →powering computer systems→system power states→sleep mode]
sleeping, and security when asleep
small business [see →business→small business]
smartphone [see →phones→mobile phones→smartphones]
software (cf. listed, advertised, and supported security products and services on NCSC website)
security-photo matching software
best practice [see →best practice→for obtaining software]
obtained when distributed as pre-installed OEM software
from software repositories such as GitHub's repositories
preinstalled, and as method for obtaining software [see ..→..→obtaining software→obtained when distributed as pre-installed OEM software]
different classes of software
antivirus software [see →antivirus software]
bootloader [see →boot→bootloader]
cryptography-related [see →cryptography, cryptographic→software]
emulators [see →emulators]
internet browser [synonym for ..→web browser]
operating system [see →operating system]
tools, utilities [see →software tools, software utilities]
web/internet browser [see →web/internet browser]
names of different software mentioned
Android [see →operating system→different operating systems]
ChromeOS [see →operating system→different operating systems]
diff [see →software tools, software utilities→file comparison]
diffoscope [see →software tools, software utilities→file comparison]
Haven: Keep Watch [see →apps]
Heads [see →boot→bootloader→first-stage boot loader]
Chrome internet browser [see →web/internet browser]
Coreboot [see →boot→bootloader→first-stage boot loader]
Google Authenticator (key- and time- based app) [see →apps]
GPG [see →software tools, software utilities→cryptography→GPG]
Linux [see →operating system→different operating systems]
Oracle Cloud Linux [see →operating system→different operating systems]
Qubes OS [see →operating system→different operating systems]
Raspberry Pi OS [see →operating system→different operating systems]
Windows [see →operating system→different operating systems]
software developer, software development
cf. §"8 Principles of Secure Development & Deployment"
sole trader [see →businesses→sole trader]
solvent (glue solvent) [see →glue→glue solvents]
source (source code) [see →programming→source code]
"spot the difference" (game)
spy, spying, spies, espionage
stop funding the spies and hackers (broad security principle) [see →broad security principles→stop funding the spies and hackers]
steganographic (steganography)
stereoscopy [see →optical effects]
storage media (digital storage media) [see →digital storage→media→]
submerging in water [see →water→submerging in water]
software tools, software utilities (class of software)
GPG (GNU's-Not-Unix! Privacy Guard)
SSD [see →solid-state drive]
protocols (there are also protocols that aren't standards) [see "→protocol" for such other protocols]
for communication between computing devices [see →communication→communication protocols for computing devices→protocols that are also standards→]
Transport Layer Security (TLS) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→Transport Layer Security]
cf. protocols in §"Cryptocurrency-like mining to increase trust"
collaborative development
when used for auditing source code changes
design of cyber secure systems
Too much of the book content is relevant here, for an exhaustive listing.
design to destroy private key when tampering is detected
security by pre-loaded private key
bare bones [roughly opposite of ..→"bells and whistles"]
"bells and whistles" [roughly opposite of ..→bare bones]
full-system encryption [see →cryptography, cryptographic→full-system encryption, full-disk encryption]
system power states [see →powering computer systems→system power states]
hardware tampering (cf. "USB devices vs. SD cards")
tamper evident, tamper evidence
tampering attack [computer security attack, see →attack→different classes of attack]
tape (for computer storage) [see →digital storage→Sequential-access Memory→tape]
tea-bag marbled stained paper [see →paper→tea-bag marbled stained paper]
terminal for X Window System (display/input terminal) [see →server-client computing model→client→thin/fat clients→thin clients→X terminal]
Tesco online printing (UK business) [see →business→online printing businesses]
testing (testing for security authentication)
quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit)
tethering (wired tethering) [see →wired tethering]
text (text-message) [related to →language] [see →communication→text-message]
thin/fat clients [see →server-client computing model→client→thin/fat clients]
thinking outside the box [see →mental→thinking outside the box]
Thirty-third Chaos Communication Congress (33c3) [see →33rd Chaos Communication Congress]
threat model (term complements "security level" term)
time-based broad security principles (broad security principles) [see →broad security principles→time-based broad security principles]
time window [see →window of time]
Transport Layer Security (TLS) (digital-cryptography based) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→Transport Layer Security] [related to →communication→communication protocols for computing devices→protocols that are also standards→Hypertext Transfer Protocol Secure]
TLS (Transport Layer Security) [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→Transport Layer Security]
tokens for public-key cryptography [see →security tokens→security tokens for public-key cryptography]
tools (software tools) [see →software tools, software utilities]
transparency [see →optical effects]
translucency [see →optical effects]
Trusted Platform Module (TPM)
tossing coin [see ➱random➱generating randomness➱coin tossing]
TPM [see ➱Trusted Platform Module]
Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system)
physical transit [see ➱physical transit]
trustable hardware [see ➱hardware➱trustable hardware]
T rays [see ➱physical properties➱images➱t rays]
two-step security [see ➱2FA]
two-factor authentication [see ➱2FA]
Unified Extensible Firmware Interface (UEFI) [see ➱boot➱bootloader➱first-stage boot loader]
UEFI [see ➱Unified Extensible Firmware Interface]
unicode [see ➱language➱unicode]
Universal Serial Bus (USB, standard for computer peripheral communications)
USB keyboard (computer keyboard)
USB public-key-cryptography security token [see ➱security tokens➱security tokens for public-key cryptography➱USB tokens]
USB [see ➱Universal Serial Bus]
ultrasound [see ➱physical properties]
United Kingdom [see ➱countries mentioned in book➱United Kingdom]
United States of America [see ➱countries mentioned in book➱United States of America]
utilities (software utilities) [see ➱software tools➱software utilities]
antivirus software [see ➱antivirus software]
<there is so much information relevant here, that it may not be possible to list all of it here.>
visual display unit (computer screen)
VDU [see ➱visual display unit]
VDU signal interception attack [see ➱attack➱different classes of attack]
viewing angle [see ➱view restriction➱viewing angle]
cardboard “restricted viewing enclosure”
visual cognitive power [see ➱mental➱cognitive power➱visual cognitive power]
visual noise [see ➱noise➱visual noise]
visible spectrum (of light)
visual occlusion [see ➱occlusion] (cf. occlude)
volume (space in 3D) [see ➱physical properties]
weak currency [see ➱financial➱currency➱weak currency]
web client computers [see ➱server-client computing model➱client➱web client computers]
websites referenced in book
weight [see ➱physical properties]
weighing scales [see ➱physical properties]
white-on-white text [see ➱steganography➱white-on-white text]
Wikimedia Foundation [see ➱Wikipedia➱owner of Wikipedia➱Wikimedia Foundation]
Wikimedia Foundation [see ➱organisations and businesses➱names of non-business organisations➱Wikimedia Foundation]
WiFi [see ➱communication➱wireless communication➱types➱WiFi]
attack window [see ➱attack➱attack window]
using most secure window of time (broad security principle) [see ➱broad security principles➱time-based broad security principles➱using most secure window of time]
Windows (OS) [see ➱operating system➱different operating systems]
Wine Is Not an Emulator (Windows emulator for Unix-like operating systems) [see ➱emulator]
Wine [see ➱Wine Is Not an Emulator]
wireless communication [see ➱communication➱wireless communication]
word symbol [see ➱language➱word symbol]
writing optical discs [see ➱hardware➱drives and readers➱optical disc drive➱optical disc writers➱writing optical discs]
"write once" optical media
X terminal (display/input terminal for X Window System client applications) [see ➱server-client computing model➱client➱thin/fat clients➱thin clients➱X terminal]
X ray [see ➱physical properties➱image➱X ray]
Yubico and Yubikey brands of USB security tokens [see ➱security tokens➱security tokens for public-key cryptography➱USB tokens➱brands➱Yubikey, Yubico]
zero-knowledge authentication protocol [see ➱protocol]
Foreword to first version
This book was first produced in response to a computer hacking incident encountered during 2020 by the author of the first version of this book, in the course of his being a self-employed software developer. He had already adopted some security measures but then felt he really needed an overhaul of the security measures and systems he had in place.
This book is aimed specifically at individuals, sole traders, and small businesses, bearing in mind that they may have shoestring budgets.
It was the author’s belief that end-user security was a real issue of concern because the mindsets of security specialists seemed to be often attuned to examining and proposing solutions within rigid frameworks: such as for example only looking at software security risks but completely ignoring physical aspects of everyday nuts-and-bolts security. A certain element of being able to think “outside the box”, and outside one’s own specialised domain, is needed. As such, security is really a multidisciplinary field, requiring the creativity of people from all walks of life.
There is special concern for the highlighted entities (individuals, sole traders, and small businesses), because of their being prone to attack due to budget constraints, and a lack of other important resources.
The author of the first version of the book places his contributions into the public domain (the author’s Google Drive version hosted here [minus the Google Docs comments] will always be in the public domain). He feels that end-user security is so important that intellectual property obstacles should be removed as much as possible, so as to enable everyday users to undertake computing activities safely. This is especially of concern at the time of writing during the 2020 COVID-19 worldwide outbreak. During this outbreak, individuals are being called upon in great numbers to work remotely and also to socialise and conduct recreational activities using computing devices.
The increasing consumer use of cryptocurrencies is another reason why a work like this is important.
The author only asks in return that you, if possible, do the following:
Amend this work to fix mistakes.
Add comments indicating your level of agreement or disagreement with different parts that you read/review.
Improve it in other ways.
Please note that because using your contributions might require that you grant copyright permission for such, it is mostly preferred that you make your contributions to the Wikibooks version of this book[1].
Footnotes
[1] If you are only pointing out mistakes, or giving quantitative measurements of your agreement/disagreement with parts of this book, copyright permission probably won’t be required.