mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-07-24 12:21:09 +00:00
style: Enable vscode spellcheck and fix typos/style (#2888)
Signed-off-by: fria <138676274+friadev@users.noreply.github.com> Signed-off-by: Daniel Gray <dngray@privacyguides.org>
This commit is contained in:
@@ -4,7 +4,7 @@ icon: 'material/eye-outline'
|
||||
description: Your threat model is personal to you, but these are some of the things many visitors to this site care about.
|
||||
---
|
||||
|
||||
Broadly speaking, we categorize our recommendations into the [threats](threat-modeling.md) or goals that apply to most people. ==You may be concerned with none, one, a few, or all of these possibilities==, and the tools and services you use depend on what your goals are. You may have specific threats outside of these categories as well, which is perfectly fine! The important part is developing an understanding of the benefits and shortcomings of the tools you choose to use, because virtually none of them will protect you from every threat.
|
||||
Broadly speaking, we categorize our recommendations into the [threats](threat-modeling.md) or goals that apply to most people. ==You may be concerned with none, one, a few, or all of these possibilities==, and the tools and services you use depend on what your goals are. You may have specific threats outside these categories as well, which is perfectly fine! The important part is developing an understanding of the benefits and shortcomings of the tools you choose to use, because virtually none of them will protect you from every threat.
|
||||
|
||||
<span class="pg-purple">:material-incognito: **Anonymity**</span>
|
||||
|
||||
@@ -16,7 +16,7 @@ Broadly speaking, we categorize our recommendations into the [threats](threat-mo
|
||||
|
||||
<span class="pg-viridian">:material-package-variant-closed-remove: **Supply Chain Attacks**</span>
|
||||
|
||||
: Typically a form of <span class="pg-red">:material-target-account: Targeted Attack</span> that centers around a vulnerability or exploit introduced into otherwise good software either directly or through a dependency from a third party.
|
||||
: Typically, a form of <span class="pg-red">:material-target-account: Targeted Attack</span> that centers around a vulnerability or exploit introduced into otherwise good software either directly or through a dependency from a third party.
|
||||
|
||||
<span class="pg-orange">:material-bug-outline: **Passive Attacks**</span>
|
||||
|
||||
@@ -36,7 +36,7 @@ Broadly speaking, we categorize our recommendations into the [threats](threat-mo
|
||||
|
||||
<span class="pg-green">:material-account-search: **Public Exposure**</span>
|
||||
|
||||
: Limiting the information about you that is accessible online—to search engines or the general public.
|
||||
: Limiting the information about you that is accessible online—to search engines or the public.
|
||||
|
||||
<span class="pg-blue-gray">:material-close-outline: **Censorship**</span>
|
||||
|
||||
@@ -67,7 +67,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
|
||||
|
||||
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
|
||||
|
||||
Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
|
||||
Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
|
||||
|
||||
</div>
|
||||
|
||||
@@ -134,7 +134,7 @@ Therefore, you should use native applications over web clients whenever possible
|
||||
|
||||
</div>
|
||||
|
||||
Even with E2EE, service providers can still profile you based on **metadata**, which typically isn't protected. While the service provider can't read your messages, they can still observe important things, such as who you're talking to, how often you message them, and when you're typically active. Protection of metadata is fairly uncommon, and—if it's within your [threat model](threat-modeling.md)—you should pay close attention to the technical documentation of the software you're using to see if there's any metadata minimization or protection at all.
|
||||
Even with E2EE, service providers can still profile you based on **metadata**, which typically isn't protected. While the service provider can't read your messages, they can still observe important things, such as whom you're talking to, how often you message them, and when you're typically active. Protection of metadata is fairly uncommon, and—if it's within your [threat model](threat-modeling.md)—you should pay close attention to the technical documentation of the software you're using to see if there's any metadata minimization or protection at all.
|
||||
|
||||
## Mass Surveillance Programs
|
||||
|
||||
@@ -147,7 +147,7 @@ Mass surveillance is the intricate effort to monitor the "behavior, many activit
|
||||
|
||||
If you want to learn more about surveillance methods and how they're implemented in your city you can also take a look at the [Atlas of Surveillance](https://atlasofsurveillance.org) by the [Electronic Frontier Foundation](https://eff.org).
|
||||
|
||||
In France you can take a look at the [Technopolice website](https://technopolice.fr/villes) maintained by the non-profit association La Quadrature du Net.
|
||||
In France, you can take a look at the [Technopolice website](https://technopolice.fr/villes) maintained by the non-profit association La Quadrature du Net.
|
||||
|
||||
</div>
|
||||
|
||||
@@ -180,7 +180,7 @@ If you're concerned about mass surveillance programs, you can use strategies lik
|
||||
|
||||
For many people, tracking and surveillance by private corporations is a growing concern. Pervasive ad networks, such as those operated by Google and Facebook, span the internet far beyond just the sites they control, tracking your actions along the way. Using tools like content blockers to limit network requests to their servers, and reading the privacy policies of the services you use can help you avoid many basic adversaries (although it can't completely prevent tracking).[^4]
|
||||
|
||||
Additionally, even companies outside of the *AdTech* or tracking industry can share your information with [data brokers](https://en.wikipedia.org/wiki/Information_broker) (such as Cambridge Analytica, Experian, or Datalogix) or other parties. You can't automatically assume your data is safe just because the service you're using doesn't fall within the typical AdTech or tracking business model. The strongest protection against corporate data collection is to encrypt or obfuscate your data whenever possible, making it difficult for different providers to correlate data with each other and build a profile on you.
|
||||
Additionally, even companies outside the *AdTech* or tracking industry can share your information with [data brokers](https://en.wikipedia.org/wiki/Information_broker) (such as Cambridge Analytica, Experian, or Datalogix) or other parties. You can't automatically assume your data is safe just because the service you're using doesn't fall within the typical AdTech or tracking business model. The strongest protection against corporate data collection is to encrypt or obfuscate your data whenever possible, making it difficult for different providers to correlate data with each other and build a profile on you.
|
||||
|
||||
## Limiting Public Information
|
||||
|
||||
|
Reference in New Issue
Block a user