This article gives generally sound advice but fails to take into account a threat model where you’re trying to defend against capitalism.
An example of a secure email provider is ProtonMail. This Swiss based company offers a free, end-to-end encrypted, email service.
Since ProtonMail was forcibly ordered by local Swiss police to deliver French activist user information by way of Interpol, their security can be deemed problematic by a number of people. Other secure email solutions include Delta.chat that deploys Autocrypt and works with any existing email provider, p≡p also deploys Autocrypt, but differently—and I have no personal experience of the software, just the people. Also, using OpenPGP encryption with classical email providers may be a bit more demanding, but works. See for example Riseup.net.
Concerning a decentralised system, https://element.io/ and https://newnode.com/ are advised.
NewNode is proprietary software and should therefore not be recommended.
Most of the free and commercial conference applications allow the encryption of audio and video streams (e.g., Skype, Zoom, WebEx, Jitsi) and they apply it by default.
Except for the last one, all of these applications belong to surveillance capitalists and put in place some facial recognition and other surveillance systems and should not be trusted, as any proprietary software. Zoom does not enable E2EE by default. Some of the others do not even seem to have this capacity.
The question is: do you really need video conferencing? If not, there are other solutions such as Mumble. Many-to-many video is generally useless and very energy hungry. Tox does not appear in any of the alternatives.
Anonymous Communication and Circumventing Censorship
I find it problematic to link to Twitter of F̶̥̈ȧ̶͜k̸̤̋ê̶̦b̸̠̎ơ̴̠ọ̸̍z̷̝̎ in this section, since even if you use Tor to connect to them, they will require you to login, so there’s no anonymity here.
options to encrypt the data on your hard drive. It is easy to switch on, but you will have to trust these vendors to have done a good job.
Of course, if you put aside the fact these companies are part of the PRISM surveillance network and share a history of abusing users. Not to be trusted.
enabling Multi-Factor Authentication (MFA)
You can use FreeOTP on Android, or pass-otp on GNU/Linux.
And do not forget … whom do you trust?
- Generally avoid trusting capitalist companies: they’re after you, not acting in your best interest.
