We use technology to serve our needs.
Use of encryption[edit | edit source]
Personally I don't use encryption because:
- I don't use nuclear reactor to put my kettle on.
- The usability and UX is atrocious. At the same time I keep myself educated and try improve the process.
- It is an irreversible action with potentially disastrous consequences.
- I don't trust myself to be able to reliably keep private key private. See: http://www.iamthespecialist.com/2014/03/how-to-securely-store-private-keys.html
- I don't trust device I'm using. See what they did to Snowden's laptop: https://media.ccc.de/browse/conferences/camp2015/camp2015-6799-how_to_destroy_a_laptop_with_top_secrets.html#video
- I don't trust person on the other side of the wire
Usability[edit | edit source]
- Our results shown that more than a decade and a half after - Why Johnny Can't Encrypt - http://www.gaudior.net/alma/johnny.pdf - modern PGP tools are still unusable for the masses.
- Good tutorial: http://notes.jerzygangi.com/the-best-pgp-tutorial-for-mac-os-x-ever/
- But I'm still not using it... Of course I see enormous business opportunity waiting to be realised!
SSH[edit | edit source]
Remeber to backup your SSH keys before wiping a machine and installing new operating system!
Password manager[edit | edit source]
I was using password manager to create ALL my passwords, including email. And then, in order to access password manager I need to access my email. YEAH, luckily I was able to reset my email password using my Polish phone:
Two-factor authentication[edit | edit source]
Using in all places that contain some valuable information:
Emergency procedures[edit | edit source]
Twitter[edit | edit source]
LinkedIn[edit | edit source]
"If you were to loose access to your account and phone, then you would be required to send us a valid government issued ID for further verification."
Backups[edit | edit source]
Currently this wiki is hosted on: https://miraheze.org
Chosen from the list: https://www.mediawiki.org/wiki/Hosting_services
Main factor: graphical editor - it makes my life so much easier and editing process is so much faster.
This is free service - run by volunteers - cost participation is donations basis. I believe in best intention and team so far has been super-helpful. With that said - we need to establish backup strategy as in "no single point of failure".
I would like either:
- daily backups to off-site location
- documentation of miraheze internal backup strategy
One way or another we will learn something useful, one way or another the solution will become more stable.
Question to miraheze volunteers - do you have your backup strategy documented?
For instance, I'd be interested:
- where backup is hosted?
- how often?
- who has access?
- etc / etc / etc... (I trust you know what you are doing and yet it is my job to double check)
Thank you :) (I really appreciate your hard work)