I – Investigate: People have lost money, access and even been killed because of clicking on links in emails or messages that download malicious payloads to their devices. This malware can track your online behavior, deliver your gps coordinates to your enemies, give admin access of your device to another person or allow someone to listen to you or watch you via the microphone/camera. Try to read, watch and listen online rather than downloading. If you must download, then only from very trusted sites that have HTTPS:// access clearly displayed in your browser. And if something looks fishy, then it is fishy…leave it alone and walk on. You can do without that new nasheed on your iphone. Go to youtube and listen to it there.
L – Layers: Good security practice is always to layer your defenses so an adversary must pass many boundaries successfully before finally reaching you for the deathmatch. Good defenses are a VPN, TOR browser (https://www.torproject.org) which anonymizes you online by “shifting” your IP address so you look like you’re in a different place, encrypted personal messengers like Wickr or Threema, and a security conscious mentality. Walk online the same way you walk down a street in a shady neighborhood, be careful. TOR Browser also has the added greatness of being able to turn of scripts on websites which collect as much data as they can from you. Gotta love TOR.
A – Assess: Realize before you do anything that the level of sophistication of your adversary will always determine
the type of defenses you require. An anti-government dissident in Cairo sharing news and images of abuse will require far
more security consciousness than a casual online shopper in Jakarta buying a Coach bag for his wife. Learn as much
as you can to secure yourself for your environment. The more sophisticated, resource rich opponent with a team and time
will find you no matter what you do…it’s just a question of when and if Allah allows it. You’re one person, it just takes one tired evening after work to make a mistake, and they have a team that can work 24/7 waiting for that mistake. Therefore plan the best you can but understand that the odds are stacked against you so never get cocky. Be extremely focused, careful, practical and make dua to Allah to assist you inshallah.
T – Terminate: Never trust any piece of software with your life. If your information or words are so dangerous that someone
would kill you for them, stay offline as much as possible and connect only to distribute the information then disappear again.
Create that ghost dissident personality and a genuine real, regular character which you can use to check your email, talk to
friends etc. But never shall the two personalities meet each other. Example. A brother I know who is active against the regime
in Morocco uses Gmail, Firefox browser and Skype for everyday messaging and communications. His totally separate life as a dissident is exposing the crimes of the regime against the people and he uses VPN, TOR Browser, several encrypted messengers, TAILS, then terminates connection to the net for 22-23 hours a day from that device.
If it’s deadly important…memorize it, keep it offline and never believe marketing hype like “Unhackable” , “Impenetrable” , “Hackerproof” etc. Everything and anything can be hacked, retrieved and restored if the opponent has knowhow and enough desire.
This is just the tip of the ice berg…