Which security tools do you use?

It looks like TrueCrypt is not secure anymore; 1; 2.

I’m taking the context of this news to ask you what kind of security tools and software you use. I’m pretty sure there is a paranoid side within each of us :smile:

I open this discussion saying I created a PGP key for signing mailing list mails. It is the only “security” thing I’m currently using, shame on me =P

(PS.: This might also be a suggestion of topic for a future show)

  • I avoid Windows :smiley:
  • I have installed PGP but rarely use it.
  • I use a different, long, cryptic password for every login. They are managed with KeePassX.
  • My laptop (ThinkPad) encrypts my HDD by default.

Arch Linux with encrypted partitions, no swap, sleep or suspend.
GPG for encryption, KMail to handle encrypted email accounts. HTTPS Everywhere or its equivalent for web browsing. I make an effort to minimize contact with unsecure systems/networks and think through what I share on the net.

Security software? I just use Dropbox.


Hoping this post isn’t used as a way to try and figure out who might be easiest to hack by other unscrupulous persons, or most interesting challenge… :smile:

  • Well I avoid using Windows as much as possible at home (the wife has an old Win laptop she’s slightly paranoid about security with, I think is now well enough protected; I have one that’s v. rarely used and has well-reviewed AV s/w on it but she does anything requiring more security on my up-to-date Ubuntu) - she’s not a techy in any way but she hasn’t found it hard to get used to, especially as mostly chrome/firefox, printing, and the odd relatively-simple doc in Libre.
  • Keepass for passwords, mostly the longest+most complexity possible on sites, using generated strings.
    I hate sites that only allow up to 8 chars or less for passwords or disallow symbols/spaces/are case insensitive. I look at for e.g. plaintextoffenders website and consider reviews/hack news and their treatment of, before I enter my details (especially for payment) anywhere.
  • 2 different-brand firewalls between any home wifi and our net connection.
  • 2FA for email/other important/dependent accounts, where possible.
  • Encrypted partition for any sensitive documents/data (the system itself i.e. /usr and the like, or /etc are not yet/won’t bother)
  • All possible connections on https/ssh, openvpn while outside or if on untrusted wifi
  • Using unique email addresses for some less-trusted/smaller services to help track how trustworthy they are going forward
  • Keeping up with security website news/blogs
  • ISP that isn’t one of the big-6 that gets told to monitor/filter connections in the UK
  • PGP keys, but not really used much yet.

For my own-domain stuff

  • Email servers with restricted IP access lists, and TLS setup, servers kept patched.