PHD comics on: Security in your neighbourhood coffee shop

PHD comics: Coffee Security

from: "Piled Higher and Deeper" by Jorge Cham at

Overview: Basic security practice

Passwords & Phishing

Passwords: The problem

First Steps: Passwords

xkcd on: Passwords

xkcd on passwords

from: "xkcd" by Randall Munroe at

Note: the password tester linked above, indeed, estimates

A password based on a long, creative passphrase might really be the state of the art.

Suggested Tools: Password Managers

First Steps: Avoid Phishing


Phishing example

Note the typos, and that the link leads to (read from right to left), not This is clearly phishing, and can be deleted.


Disk Encryption

First Steps: Disk Encryption

Suggested Tools: Disk Encryption

Deleting Data

Cloud Storage

First Steps: Cloud Storage

Suggested Tools: Cloud Storage

Most well known tools cannot be recommended, but SpiderOak is a better version of DropBox, and BitTorrentSync a good alternative for many purposes.


First Steps: Browsing

Suggested Tools: Secure Browsing - Search Engines

Suggested Tools: Secure Browsing - Browser Addons

Advanced Steps: Browsing with Tor

Suggested Tools: Secure Browsing - TOR

Virtual Private Networks

First Steps: VPNs

Suggested Tools: VPNs


Basic Steps: Secure Email

Suggested Tools: Secure Email

PGP Best Practices

Chat and Voice Calls

First Steps: Secure Chat and Voice Calls

Suggested Tools: Secure Chat (Text)

(Note: The EFF score refers to the EFF ScoreCard for secure messaging.)

We recommend iMessage for Apple users, and Signal and TextSecure for smartphones (iOS and Android, respectively).

Suggested Tools: Secure Voice calls

We recommend FaceTime for Apple users, and Signal and Redphone for smartphones (iOS and Android, respectively).

Suggested Tools: Whistleblowing


Information Leaks

Multiple Accounts

Defense in Depth

Advanced Steps