Security Suggestions for an Artist's Online Presence

Hello,

I’ve been planning on finally posting my work online and hopefully making a name for myself, maybe even having it evolve into a source of income; however, with all the stories about doxxing, account hacks and such, I’d like to come out of the gates with more protection than the average user seems to have. I’ve spent some time lurking on forums to figure out good general practices, and I’d like your help to see whether I’ve understood the recommendations properly and what else I may have missed.

OS: Nobara (Fedora) with a possible migration to Pop!_OS (Ubuntu) once it migrates to their new DE. The reason for these distros in specific is their good OOTB Media Production and Wine capabilities for someone relatively new to Linux. This is all for a Workstation PC.

Browser: Firefox with PrivacyGuides’ recommendations (+uBlock, SponsorBlock, Unhook, Control Panel for Twitter) and without arkenfox to keep things from breaking.

Email security practices:

Possibly also using Firefox sync on mobile for these accounts.

Maybe Gmail for added security?

Should I ditch the email aliasing service for Stripe/PayPal, to avoid these payment services flagging it as untrustworthy?

All of that further secured by BitWarden.

For the most part, I would like to balance security while maintaining productivity and ease of use; all in all, a fairly low threat level.

Thanks in advance for any replies.

Note that PG only recommends uBlock Origin as other extensions can increase your attack surface and cause a more unique fingerprint. That said, if you find them useful, I wouldn’t worry about them. However, if you are using sponsorblock for youtube, have you considered watching youtube videos through a frontend such as Invidious, NewPipe (Android), Freetube (desktop), or Piped?

Regarding your email, perhaps consider using a custom domain for your business email in order to make migrating to a different provider easier. It would also probably avoid any potential issues with PayPal or other payment providers.

Yes, see previous comment about custom domain. Also gives your business more of a ‘professional’ feel to it (IMO).

1 Like

I don’t think your planned solutions are compatible with ease of use and a fairly low threat model.

If you want ease of use, first, you can try using a mainstream OS with secure settings, full drive encryption, and also a vault app when necessary, for example. I don’t think Nobara (mostly for gamers), which is based on Fedora, is easy to use; you can’t modprobe an unsigned kernel module, for example. Pop!_OS, while it might be easy to use, is not doing a good job at security, as secure boot is not currently supported.

I think just changing from Windows or macOS to Ubuntu would suffice, providing you enable the firewall (not enabled by default) and FDE, and use Wayland. I wouldn’t trade OOTB media production and Wine capabilities for long-term ease of use or for the security of my OS.

For the browser and password manager: Brave. If security is your goal, Chromium is more secure than Firefox, especially on Android.

Your email provider doesn’t matter much as far as security goes. It’s for privacy that people use Proton, etc., instead of Gmail. If you want an online presence, you might be better off using the same email across the board, at least for credibility.

1 Like

I strongly disagree with this, so I’ll just stick a quote from another thread here.

2 Likes

The thread, in which you also participated and called it a waste of time, is hardly related to a technical perspective; rather it’s “I should use Firefox for my political reasons.” There’s zero technical reason to explain why Firefox is more secure than Chromium-based browsers.

TLDR: it’s off-topic in this thread.

I would argue that on desktop, the security difference is minimal. And even if Chromium is more secure technically (the article you linked is a year and a half old), for nearly all (if not all) users, the differences will not affect them.

2 Likes

The OP stated it clearly that he planned to use sync, and also with Firefox on mobile, which is not even the mobile browser that’s recommended by PG due to security reasons.

Yet, most of the issues are still open.

Probably. But if security is one’s goal, there’s no reason to use Firefox instead of Chromium. The fact that Chromium is more secure than Firefox is not related to your evaluation, that it doesn’t matter for most people (in your opinion).

1 Like

My suggestion…

Business and Inquiries should just be your gmail. Gmail is a more “professional” seeming email to the majority of people. Set it up so that it forwards to an alias that forwards to your proton.

Have all your social media accounts just use alias emails.

Keep your proton email to yourself. Use alias for non business stuff and your gmail for business contacts.

1 Like

I had forgotten about secure boot; looking into it in these forums, however, it seems the consensus is that it’s simply a nice thing to have rather than a make-it-or-break-it deal, what with Fedora (which doesn’t come with SB) still being recommended on PrivacyGuides.

I’d be curious to see what you think about this, there is also further reading in that thread if you’re interested.

I can understand that, but by “ease of use” I more so meant ease of getting into, i.e. short-term ease of use, which in my mind reduces the chances of myself doing something wrong and worsening my security or even just breaking something and losing work.

I suppose at this point, I’m leaning towards Fedora Workstation and just adding everything I need myself; maybe also installing Nobara/Pop!_OS on a separate disk for gaming only. Keeping work and leisure separate would be good for both security and productivity, I imagine.

Fair enough, I would’ve thought it would be recommended on both desktop and mobile since it’s the same dev, but that’s on me for not checking. Thinking about it, I don’t really need sync on mobile, so I can have a different browser on that device, if I wanted to.

Appreciate the input either way.

1 Like

Appreciate the input.

I’m not super familiar with frontends, I understand that it provides more privacy from Google, but how much extra security would it provide? Keep in mind, I also plan on uploading stuff.

ProtonMail offers a custom domain on one of their subscription tiers, would that make sense, or does it defeat the purpose of “migrating to a different provider easier”?

Could you elaborate on that?

Wouldn’t an alias email still be better for something like Patreon in case it gets hacked? I would be using aliases for an added layer of security more than anything else.

I didn’t know you can do that, good point!

In this case, are you saying it should be somethingelse@proton.me instead of artistname@proton.me?

I don’t see how an alias adds any extra security. Gmail is a secure service. Since it’s your customer-facing email, it won’t matter if the email gets leaked in a data breach. All you would do in that situation is change your password. I am assuming you will have some sort of 2FA on all your email accounts regardless.

This is what I do for all my old email accounts. This way relatives who just can’t be bothered to learn my new email address are able to contact me.

I am saying all of your customer-facing email addresses should be @gmail accounts. Those accounts should then forward to an alias that forwards to your private Proton Mail account.

Never tell anyone the Proton email account. This protects you from having your personal email leaked. It also keeps your private email at arm’s length from Google and, more importantly, from any malicious emails sent to your Gmail accounts, by having them go through an alias which would remove trackers etc.

In short, do all your business with your gmail accounts. Gmail is secure and “professional” which is perfect for customer facing uses. Your proton account is for personal use to help provide privacy when you do not have your “business hat” on.

2 Likes

Fedora has supported secure boot since Fedora 18 (2013). In fact, it had tried to make secure boot one of the requirements for new installations, but the proposal was rejected.

Whether or not secure boot matters, it’s definitely another layer of security that you can get without any cost.

There’s not too much to worry about security wise on youtube… I was just suggesting the frontends as an alternative to using Sponsorblock extension (Newpipe has sponsorblock integration for example).

Yes, that is what you want, but note that you have to purchase (it’s more like leasing IMO) your domain from a provider (I used Namecheap). This allows you to switch to a different provider without changing your email address! You could have multiple email aliases such as contact@yourbusiness.com or yourname@yourbusiness.com (or whatever you want).

Madaidan (the author of the article @archerallstars linked to) is a security researcher and as such, their articles tend to be focussed on theoretical and hypothetical threats. So even if technically, Chromium is slightly more secure, it really doesn’t have an impact on most people. Also, the article is 1.5 years old so some of the issues mentioned (such as per site isolation being new) aren’t really as relevant IMO (granted I am not a security researcher, so take my opinion with a grain of salt). Firefox has a large staff working on it and lots of support, so many people in the privacy space feel that it is very secure (hence the PG recommendation).

IMO, Mozilla has done a lot for the open web, and supporting Firefox by using it is well worth it (in order to help fight against Google’s monopoly of the browser space). Also, I just like the features that Firefox has 🙂

Note that Firefox on Android doesn’t have per site isolation yet, and thus many people here prefer Chromium on Android (hence no PG recommendation). However there are others (such as @SkewedZeppelin, creator of DivestOS) who recommend a Firefox fork on Android such as Mull (Browsers - DivestOS Mobile).

3 Likes

If I’ve understood correctly, you’re saying that the account creation process can be streamlined without sacrificing security.

So:

and

is redundant methodology and a streamlined version would be:

nevershare@proton.me ⇽ AnonAddy/SimpleLogin ⇽ artistname@gmail.com (One E-mail) ⇽ Social Media (Instagram, ArtStation, YouTube etc.) + Business (Patreon, Stripe, KoFi etc.) combined.

Since they would all be customer facing, whether for promotion or for direct compensation, respectively.

Further hardened by MFA for each account (Proton, Google, ArtStation, Patreon etc.), ideally via a hardware key (ex: YubiKey) or an authentication app (ex: ente Auth).

I’m also curious to see what you think about @exaCORE’s suggestion about the custom domain.

Yeah, this is exactly what I meant.

I have very little experience in using a custom domain, but I am not sure what the benefit would be. Your business is yourself. It seems silly to be artistname@artistname.com, and since your customer-facing emails will be a Gmail, it’s not a domain people are going to look at suspiciously. That is a reason people like to use custom domains instead of something like artistname_(random characters)@simplelogin.com, as people commonly mistake alias emails for temp emails and associate them with spammers.

But I will defer to @exaCORE as I have very little knowledge on the topic.

2 Likes

I think you might be making the common mistake of trying to implement “countermeasures” before assessing your threat model. Security is a highly individual process. You need to identify, in order:

  1. What you are trying to protect
  2. Who you are protecting it from
  3. How you might be attacked by those people (how are you vulnerable)
  4. What do you have to lose (what is your potential risk)
  5. What you should do to prevent that from happening

This is not a process that you do once. It is not something on a scale from high to low. This is a series of questions you ask yourself every time you do anything. If you sign up for a new website, you follow this process. If you want to sync your browser data to your phone, you follow this process. If you want to sell some art online, you follow this process, etc.

When you just skip to step 5 and do everything “just to be safe,” you end up:

  • being reliant on forums and other sites to tell you what to do
  • spending time/energy/money on security measures which have no benefit, for a threat which probably won’t even impact you
  • potentially increasing your attack surface by using tools you’d otherwise have no reason to use in the first place

I know it is not fun advice, because we would all rather check off a list and call ourselves secure, but everyone’s goal should really just be to make this opsec process something that’s second nature to them. You practice brainstorming and identifying potential threats before everything you do, and it becomes instinctual.

When we talk about threat modeling, the goal is not to come up with a list of things to do. Using the thought process behind threat modeling is the goal on its own, that’s what’s important if you want to protect yourself.

8 Likes