End-user Computer Security
Inexpensive security for individuals
Meta information |
|
Table of Contents |
|
- Preliminaries
- Main content
- Security of BIOS/UEFI firmware
- Regarding operating system
- Regarding how to obtain software
- Detection of malware in software
- Full system encryption, full disk encryption (FDE)
- Factory resets
- Sandboxing and cloud computing
- Password security
- Digital cryptography: security certificates, keys & tokens
- Backing-up security keys and passwords
- General security risks in digital storage
- USB devices vs. SD cards
- Flash memory: NOR flash vs NAND flash
- NAND flash memory vs magnetic storage
- Magnetic storage: tapes vs. discs
- Rewritable media vs optical ROM discs
- SD cards and USB memory sticks vs. larger devices
- Drives able to eject hardware-less media vs. other media
- More about SD cards
- How to obtain computer media devices
- Secure data sanitisation
- Stop funding the spies and hackers
- Report cyber-crime to the police
- Think in terms of gradual movement along a security-level continuum
- Minimally-above-average security
- Publishing security methods
- User randomly selecting unit from off physical shelves
- Ordering many units of same product
- Measuring physical properties for authentication
- Geospatial
- Time based
- Preventing lapses in security
- DIY security principle
- “Destroy key when attacked”
- Relying on high production cost of certain security tokens
- Appendix
- Cryptocurrency-like mining to increase trust
- Lock screen with related sound-based security
- Client-server noise-audio-based secure-password-communication system
- Port source code to higher-level programming language as a computer-security step having its basis in secure coding
- Security by pre-loaded private key
Index (NOT FINISHED) |
|
2FA | [see →2-factor authentication] |
2-factor authentication (2FA) | [see →multi-factor authentication→2-factor authentication] |
2nd hand | [see →second hand] |
33c3 | [see →33rd Chaos Communication Congress] |
33rd Chaos Communication Congress (33c3) | [see →33rd Chaos Communication Congress] |
3D (3D means three dimensional) |
3D-optimised hardware | [see →hardware→3D-optimised hardware] |
A |
above-average security |
minimally-above-average security (broad security principle) | [see →broad security principles→minimally-above-average security] |
age of software, and devices |
old |
old mobile phone, mobile device (cf. §“Old or new phone”) |
old version of software (cf. §“Vulnerability when used for software”) |
new |
new mobile phone |
new software |
average security | [contrasts with →above-average security] |
account security for your email account | [see →electronic mail→email account security] |
acetone as a glue solvent | [see →glue→glue solvents→acetone] |
administrator account | [see →operating system→operating-system login account→administrator account] |
adversary | [related to →computer security attack→threat model] |
intruder |
spy |
eavesdropper |
evil maid |
fraudster |
security hacker |
military |
government |
Man In The Middle |
psychics |
secret criminal society |
affordable | [see →costs→affordable] |
artificial intelligence (AI) |
AI | [see →artificial intelligence] |
algorithms | [see →programming→algorithms] |
alphabet | [see →language→alphabet] |
Andrew "bunnie" Huang | [see →persons (individuals named in book)] |
Android (Android operating system for mobile devices) | [see →operating system→different operating systems] |
alarm (security alarm) |
motion detector alarm |
loud alarm |
amnesia and security in spite of it | [see →security in spite of amnesia] |
antivirus software |
antivirus software on Android |
app (type of software program) |
Google Authenticator (key- and time- based app) |
Haven: Keep Watch |
Archimedes’ principle | [see →physical properties→volume] |
asymmetric cryptography | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography] |
“at rest” |
“at rest” security location |
“at rest” data |
“at rest” shape retention (cf. §“Perhaps the simplest and best idea”) |
attack (computer security attack) |
different classes of attack |
'complete fake' attacks |
evil maid attack |
hardware hacking attack | [see →hack→security hacking→hardware hacking.] |
health attack (eg. causing fatigue, concentration/memory loss, by use of directed non-lethal energy weapons) |
man-in-the-middle (MITM) attack |
mind-reading psychic attack |
“Inception” styled attacks |
replay attack |
tampering attack |
VDU signal interception attack |
specific attacks |
credential stuffing |
malicious sneaky replacement of full-disk encryption system with historic clone of system that has known vulnerabilities |
attack vectors |
bootloader (of computer system) |
computer screen |
computer keyboard |
device ROM malware |
further writes to optical discs that are otherwise seemingly read-only |
general visual spying |
multi-booting (cf. §“Which OS?”) “...There is unlikely much point in dual-booting between Windows and Linux because if Windows is hacked,...” (cf. §“Qubes OS 4.0.3 side-by-side with other operating systems”) “...any such other OS should not be able to access or even ‘touch’ the Qubes OS installation, thereby hopefully safeguarding the Qubes installation from attacks conducted through the other presumably-less-secure OS.” |
psychic spying |
password reuse |
random access memory (see §“Magnetic storage: tapes vs. discs”) |
attack window (cf. §Using_most_secure_window_of_time) | [see →window of time→attack window] |
(cf. §“Rewritable media vs optical ROM discs”) |
attack surface |
“destroy key when attacked” | [see →keys→digital key→“destroy key when attacked”] |
auditing source code | [see →programming, coding, reprogramming→source code→auditing source code] |
authentication |
authentication keys | [see →key→digital key→authentication key] |
cross authentication of public-key-cryptography (aka asymmetric cryptography) |
security certificates | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→security certificates→cross authentication] |
measuring physical properties for authentication |
testing for security authentication | [see →testing] |
auto-power-off of laptop | [see →powering computer systems→automatic powering off of the laptop] |
automatic powering off of the laptop | [see →powering computer systems→automatic powering off of the laptop] |
B |
backup, back-up (computer backup) |
backing-up before factory reset |
backing-up files (computer files) |
after discovery of having been hacked |
backing-up security keys and passwords | [contrasts and can complement →key→digital key→destroying keys] |
Shamir's Secret Sharing |
bad blocks (on digital storage media) | [see →digital storage→media→bad blocks] |
balance-of-probabilities | [see →probability→balance-of-probabilities] |
banking (financial banking) | [see →financial→banking] |
bare bones | [see →systems→properties→bare bones] |
Basic Input Output System (BIOS used in computer boot sequences) | [see →boot→bootloader→first-stage boot loader] |
“bells and whistles” | [see →systems→properties→“bells and whistles”] |
best practice (perhaps not complete) |
for creating a read-only CD or DVD |
for obtaining software |
for backing-up files after being hacked |
BIOS | [see →Basic Input Output System] |
Bitcoin | [see →financial→currency→cryptocurrency→different currencies→Bitcoin] |
blackbox | [see →systems→properties→blackbox] |
Bluetooth | [see →communication→wireless communication→types→Bluetooth] |
boot (computer’s startup sequence) |
bootable media |
bootkits |
bootloader |
first-stage boot loader (such as in BIOS or UEFI) |
not requiring second stage |
Coreboot |
Heads (built on top of Coreboot technology) |
second-stage boot loader (no content at present) |
cold, or warm booting (warm boot is also known as soft off/boot) |
cold boot | [see →powering computer systems→system power states→powered-off] |
soft off/boot, warm boot | [see →powering computer systems→system power states→soft off/boot, warm boot] |
multi-booting |
dual-booting |
Boots photo printing (UK) | [see →business→online printing businesses] |
braille | [see →language→braille] |
brain-reading | [see →mental→mind reading→brain reading] |
broad security principles |
“destroy key when attacked” | [see →data destruction→“destroy key when attacked”] |
DIY security principle |
geospatial-based broad security principles |
measuring physical properties for authentication | [see →authentication→measuring physical properties for authentication] |
minimally-above-average security |
ordering many units of same product | [see →order, ordering→ordering many units of same product] |
preventing lapses in security |
publishing security methods |
relying on high production cost of certain security tokens |
report cyber-crime to the police | [see →report, reporting→report cyber-crime to the police] |
stop funding the spies and hackers |
think in terms of gradual movement along a security-level continuum |
time-based broad security principles |
“based on time passed” security principle |
“based on time taken to forge” security principle |
using most secure window of time |
user randomly selecting unit from off physical shelves | [see →business→shop→physical shop→physical shelves] |
browser for web/internet | [see →web/internet browser] |
building software | [related to →programming] |
build from source, compile from source |
reproducible builds |
detecting malware by using reproducible builds | [see →malware→detecting malware in source code→by using reproducible-builds protocol] |
compile |
bubble wrap | [see →shape flexibility→bubble wrap] |
budget (financial constraint) | [see →costs→financial constraints] |
budget (cheap) | [see →costs→cheap] |
burning, burn (writing CDs, DVDs, etc.) | [see →hardware→drives and readers→optical disc drive→optical disc writers→writing optical discs→optical disc writers→writing optical discs] |
burner phones | [see →phones→mobile phones→burner phones] |
business (intersects with manufacturer, producer) |
business models (no content at present) |
open-source vs. closed-source (no content at present) |
company (business) |
company registration number |
company registered office |
names of different businesses named in book |
Boots |
GitHub | [see →systems→collaborative development→GitHub] |
Kodak |
Nitrokey |
Oracle | [see →Oracle] |
PC World |
Sandisk |
Tesco |
Yubico |
online printing businesses |
Boots |
Kodak |
Tesco |
shop |
physical shop |
physical shelves |
user randomly selecting unit from off physical shelves (broad security principle) |
online shop |
second-hand shop |
sole trader |
small business |
byte-for-byte comparison |
C |
camera | [related to →photography] |
camera phone |
digital camera |
card readers for SD cards | [see →hardware→digital-storage hardware→drives and readers→card readers for SD cards] |
cardboard |
cardboard | [see →materials→cardboard] |
cardboard “restricted viewing enclosure” | [see →view restriction→cardboard “restricted viewing enclosure”] |
compact disc | [see →digital storage→media→non-microchip-based memory→Random-access Memory→dis(c|k)-based→optical→CDs] |
CD | [see →compact disc] |
certification authorities (for public-key-cryptography security certificates) | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→security certificates→certification authorities→] |
certificates for security based on public-key cryptography (aka asymmetric cryptography) | [see →security certificate for public-key cryptography] |
channels (purchase channels) | [see →purchasing→purchase channels] |
changing passwords and keys |
when to change |
changing password to one previously used | [see →password→password reuse] |
changing encryption keys frequently in FDE | [see →cryptography, cryptographic→full-system encryption, full-disk encryption→frequent changing of encryption keys] |
cheap | [see →costs→cheap] |
China | [see →countries mentioned in book→China] |
Chaos Communication Congress | [see →organisations and businesses→names of non-business organisations→Chaos Communication Congress] |
ChromeOS | [see →operating system→different operating systems] |
Chromebook, Chromebox, Chromebit | [see →personal computer→different “ready-to-run” PCs marketed as products→Chromebook, Chromebox, Chromebit] |
Chrome web browser | [see →web/internet browser] |
Cipher | [see →cryptography, cryptographic→cipher] |
client (in server-client computing model) | [see →server-client computing model→client] |
cling film | [see →materials→transparent material→cling film] |
cloned physical key | [see →key→physical key→cloned key] |
closed/open source | [see →open/closed source] |
clouds | [see →cloud computing→clouds] |
cloud computing | [related to →server-client computing model] | [related to →sandboxing] |
clouds |
Oracle Cloud | [see →Oracle→Oracle Cloud] |
code (source code) | [see →programming→source code] |
coding (programming) | [see →programming] |
cognitive power | [see →mental→cognitive power] |
coin tossing | [see →random→generating randomness→coin tossing] |
collaborative development | [see →systems→collaborative development] |
comparing files (computer files) | [see →file→file comparison] |
'complete fake' attacks (computer security attack) | [see →attack→different classes of attack] |
computer screen lock/locking (aka screensaver lock) |
computer security attack | [see →attack] |
communication |
communication protocol |
zero-knowledge authentication protocol |
communication protocols for computing devices |
protocols that are also standards |
for wireless communication |
Bluetooth |
NFC (Near-Field Communication) |
WiFi |
internet protocols |
Hypertext Transfer Protocol Secure (HTTPS) | [related to →Transport Layer Security] |
Transport Layer Security should be added here? |
communicating trust in “proofs of work” associated with cryptocurrencies |
devices used for communication? |
thin/fat clients? |
mobile phone? |
file transfer, file transmission, sending files | [see →file→file transfer, file transmission, sending files] |
gazettes as a means for overcoming MITM attacks |
interception of communication in MITM attacks |
family of attacks (blocking comms, imposture, stealing/spying of confidential information) |
Add language? |
modes of message-based communication |
electronic mail (email) |
email account security (email account security) |
cf. two-step security for Google account |
importance of electronic-mail account security (cf. §“National Cyber Security Centre”) |
email encryption | [covered under ..→email security] |
email security (email security) | [related to ..→email account security] |
PGP (Pretty Good Privacy) cryptography for email security (could perhaps do with more content here, cf. Main_content→Broad_security_principle#Example_2) |
encrypting emails (no content at present) |
digitally signing emails (cf. Main_content/Broad_security_principles#Example_2) |
PGP cryptography in general | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→Pretty Good Privacy cryptography] |
software for communication |
web/internet browser |
text-message |
OEM software as a means for communicating software to end-users? |
over the internet? |
add postal mail? |
printing as part of communication process |
secure communication |
using encryption? |
add public-key cryptography? |
add cipher? |
key scrambler? |
of files (no content at present) (→file→file/file transfer, file transmission, sending files→secure communication of files) (cf.Appendix invention). |
of public keys? Non-compromised communication of public keys. (cf. Appendix invention). |
of security certificates by pre-installing them on computing devices? |
of passwords? (flavour-encoding, etc.) (cf. Appendix invention) |
add website publishing here? |
server-client model vs. peer-to-peer model, for communications |
add I/O communication? |
wireless/wired communication |
wireless |
types |
WiFi |
WiFi protocol | [see →communication→communication protocols for computing devices→protocols that are also standards→WiFi] |
WiFi network | [see ..→..→..→networks→WiFi network] |
WiFi router | [see →hardware→router→WiFi router] |
NFC (Near-Field Communication) |
NFC protocol | [see →communication→communication protocols for computing devices→protocols that are also standards→NFC] |
Bluetooth |
Bluetooth protocol | [see →communication→communication protocols for computing devices→protocols that are also standards→NFC] |
hardware |
WiFi router | [see →hardware→router→WiFi router] |
networks |
WiFi network |
wired |
types |
USB |
PS/2 |
serial/parallel port (no content at present) |
ethernet |
conscious thoughts | [see →mental→conscious thoughts] |
company (business) | [see →business, company] |
compile | [see →building software→compile] |
computer analysis |
computer case |
cookies |
combination lock |
combination lock briefcase |
computer operating costs | [see →costs→operating costs→computer operating costs] |
computer peripheral |
USB keyboards |
Bluetooth devices |
memory sticks |
computer screws |
computer security standards | [see →cybersecurity standards] |
concealment |
Coreboot (BIOS/UEFI boot firmware system) | [see →boot→bootloader, first-stage boot loader] |
coronavirus disease 2019 |
costs |
affordable | [related to ..→cheap] (cf. UV tinting of already-owned glasses) |
cheap (cf. low cost, cf. low price, cf. paper-based scrambler [which is cheap], cf Report cybercrime to the police) | [because OEM software is often cheap means for obtaining software, related to →software→OEM software] [because open source is often cheap, associated with →open/closed source→open source] |
expensive |
relying on high production cost of certain security tokens (broad security principle) | [see →broad security principles, relying on high production cost of certain security tokens] |
financial constraints, budget | [related to ..→affordable] | [see →financial, financial constraints] |
operating costs |
computer operating costs |
stop funding the spies and hackers (broad security principle) | [see →broad security principles→stop funding the spies and hackers] |
countries mentioned in book |
China |
United Kingdom |
United States of America |
Germany |
Holland |
Netherlands | [see ..→Holland] |
COVID-19 | [see →coronavirus disease] |
cracking passwords | [see →password cracking] |
credential stuffing |
crime reporting to the police, for cyber-crime | [see →report, reporting→report cyber-crime to the police] |
cross authentication |
cross authentication of digital security certificates | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→security certificates→cross authentication] |
crumpling plastic bag |
cryptocurrencies/cryptocurrency | [see →financial→cryptocurrency] |
cryptography, cryptographic |
Algorithms | [covered under ..→protocols and algorithms] |
cipher |
cryptocurrencies/cryptocurrency | [see →financial→cryptocurrency] |
disk encryption |
full-disk encryption (FDE) | [see ..→full-system encryption, full-disk encryption] |
encrypting emails using PGP security | [covered under ..→protocols and algorithms→public-key cryptography→Pretty Good Privacy cryptography→PGP cryptography for email security] |
encrypting a full system, a full disk | [see ..→full-system encryption, full-disk encryption] |
encryption using passwords | [see →password→password encryption] |
FDE | [see ..→full-system encryption, full-disk encryption] |
full-system encryption, full-disk encryption (FDE) |
frequent changing of encryption keys |
password encryption | [see →password→password encryption] |
protocols and algorithms |
asymmetric cryptography (aka public-key cryptography) | [see ..→public-key cryptography→] |
public-key cryptography (aka asymmetric cryptography, using public-private key pair, digital cryptography) |
cryptocurrencies/cryptocurrency | [see →financial→cryptocurrency→public-key cryptography] |
digital signing/signatures of files (no particular content at present) |
public key |
private key |
private key |
security by pre-loaded private key | [see →systems→design→security by pre-loaded private key] |
Pretty Good Privacy (PGP) cryptography |
PGP cryptography for email security | [see →electronic mail→email security→PGP cryptography for email security] |
PGP public key |
software |
GNU Privacy Guard (GPG) | [see →software tools, software utilities→cryptography→GPG] |
Transport Layer Security (TLS) | [related to →Hypertext Transfer Protocol Secure] |
TLS security certificates |
security certificates |
certification authorities |
cross authentication |
security certificate |
specific types |
TLS security certificates | [see ..→..→..→Transport Layer Security→TLS security certificates] |
signing/signatures | [see ..→digital signing/signatures] |
security certificates for public-key-cryptography (aka asymmetric-cryptography) authentication | [see ..→protocols and algorithms→public-key cryptography→security certificates] |
security tokens for public-key cryptography | [see →security tokens→security tokens for public-key cryptography] |
software |
Google Authenticator (key- and time- based app) | [see →app→Google Authenticator] |
cryptographic software tools, software utilities | [see →software tools, software utilities→cryptography] |
system encryption |
full-system encryption | [see ..→full-system encryption, full-disk encryption] |
tokens for public-key cryptography | [see →security tokens→security tokens for public-key cryptography] |
currency | [see →financial→currency] |
cushioning, cushion |
custom, customisation |
custom BIOS/UEFI |
cybersecurity standards | [see →standards→standards for security→cybersecurity] |
D |
“data at rest” | [see →“at rest” data] |
data structures |
data destruction | [contrasts and can complement →backup→] |
“destroy key when attacked” | [contrasts and can complement →backup→backing-up security keys and passwords] |
crypto shredding | [contrasts and can complement →backup→backing-up security keys and passwords] |
data sanitisation |
data erasure |
physical destruction |
data erasure |
data sanitisation |
deleting files | [see →file→file deletion] |
design of systems | [see →systems→design] |
“destroy key when attacked” (broad security principle) | [see →broad security principles→“destroy key when attacked”] |
destructive measuring | [see →measuring method types] |
detecting malware in source code | [see →malware→detecting malware in source code] |
deteriorate (cf. deterioration in factory resets) |
deterioration due to frequent changing of encryption keys in FDE | [see →cryptography, cryptographic→full-system encryption, full-disk encryption→frequent changing of encryption keys] |
diamonds |
imitation diamonds (see dedicated index entry) |
dice (rolling dice) | [see →random→generating randomness→rolling dice] |
diffraction | [see →optical effects] |
diff | [see →software tools, software utilities→file comparison→diff] |
diffoscope | [see →software tools, software utilities→file comparison] |
digital camera | [see →camera→digital camera] |
digital certificates for security based on public-key cryptography (aka asymmetric cryptography) | [see →security certificate for public-key cryptography] |
digital signing/signatures | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→digital signing/signatures] |
digital storage |
media |
bad blocks |
microchip-based computer memory (hardware-based) |
ROM (Read-only Memory) | [see →memory→ROM] |
RAM (Random-access Memory) | [see →memory →RAM] |
flash memory | [see →memory→flash memory] |
non-microchip-based memory (hardware-less) |
all types, alphabetical listing |
compact disc (CD) | [see ..→..→Random-access Memory→dis(c|k)-based→optical/compact disc] |
digital versatile disc (DVD) | [see ..→..→Random-access Memory→dis(c|k)-based→optical→digital versatile disc] |
floppy disk | [see ..→..→Random-access Memory→dis(c|k)-based→magnetic→floppy disk] |
hard disk drive (HDD) | [see ..→..→Random-access Memory→dis(c|k)-based→magnetic→hard disk drive] |
holographic data storage | [see ..→..→Random-access Memory→holographic data storage] |
magnetic-optical tape | [see ..→..→Sequential-access Memory→tape→magnetic-optical] |
magnetic-optical discs | [see ..→..→Random-access Memory→dis(c|k)-based→magnetic-optical→magnetic-optical discs] |
magnetic tape (eg. cassette tapes) | [see ..→..→Sequential-access Memory→tape→magnetic] |
optical tape | [see ..→..→Sequential-access Memory→tape→optical] |
SAM | [see ..→Sequential-access Memory] |
Sequential-access Memory (SAM) |
tape |
optical |
magnetic |
magnetic-optical |
drives for such media | [see →hardware→digital-storage hardware→drives and readers→tape drives] |
RAM | [see ..→Random-access Memory] |
Random-access Memory (RAM) |
dis(c|k)-based |
optical |
optical ROM (read-only memory) discs | [read-only CDs, read-only DVDs, etc.] |
writing (aka burning) optical ROM discs |
as live DVDs, or live CDs |
burner for such media | [see ..→writer for such media] |
compact disc (CD) |
digital versatile disc (DVD) |
drive for such media | [see →hardware→digital-storage hardware→drives and readers→optical disc drives] |
writer (burner) for such media | [covered under ..→“drive for such media”] |
magnetic |
floppy disk |
drive for floppy disks | [see →hardware→digital-storage hardware→drives and readers→floppy disk drive] |
hard disk drive (HDD) |
magnetic-optical |
magnetic-optical discs |
holographic data storage (no information at present) |
hardware | [see →hardware→digital-storage hardware] |
disk encryption |
full-disk encryption (FDE) | [see →cryptography, cryptographic→full-system encryption, full-disk encryption] |
DIY | [see →Do It Yourself] |
downloads, downloading |
Do It Yourself (DIY) |
DIY ultrasound imaging kit | [see →physical properties→images] |
DIY security principle (broad security principle) | [see →broad security principles→DIY security principle] |
drives (computer drive) and readers (card readers for computer systems) | [see →hardware→digital-storage hardware→drives and readers→] |
dual-booting (a special instance of multi-booting) | [see →boot→multi-booting] |
Digital Video Disc | [see →Digital Versatile Disc] |
Digital Versatile Disc | [see →digital storage→media→non-microchip-based memory→Random-access Memory→dis(c|k)-based→optical→DVDs] |
DVD | [see →Digital Versatile Disc] |
E |
eavesdropper, eavesdropping | [see →spy→eavesdropper] |
Eiffel (Eiffel programming language) | [see →programming→programming languages→Eiffel] |
electronic keyboard signals |
electric fields |
electric field imaging | [see →physical properties→image] |
electronic mail | [see →communication→electronic mail] |
electromagnetic |
electromagnetic radiation |
electromagnetic spectrum |
[see →communication→electronic mail] |
EM radiation | [see →electromagnetic radiation] |
embedded |
embedded microcontrollers |
emoji | [see →language→emoji] |
emulators (type of software that emulates another software) |
Wine Is Not an Emulator (Wine) (Windows emulator for Unix-like operating systems) |
engineering |
encryption | [covered under →cryptography, cryptographic→] |
epoxy resin |
espionage | [see →spy] |
ethernet |
error correction |
error correction algorithms |
Essex police | [see →police] |
evil maid attack | [see →attack→different classes of attack] |
Expensive | [see →costs→expensive] |
F |
factory resets |
fail safe |
fantasy (fiction) |
fat clients | [see →server-client computing model→client→thin/fat clients→fat clients] |
FDE (full-disk encryption, full-system encryption) | [see →cryptography, cryptographic→full-system encryption, full-disk encryption] |
file (computer file) | [related to →digital storage] |
backing up files | [see →backup→backing up files] |
digital-signing of files, and the use of such signatures | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography→digital signing/signatures→of files] |
file comparison |
to detect malware introductions when using reproducible-builds protocol |
byte-for-byte comparison | [see →byte-for-byte comparison for general treatment of byte-for-byte comparison] |
software tools and utilities | [see →software tools, software utilities→file comparison] |
file deletion (no particular content at present) |
recoverable deletion (no particular content at present) |
data sanitisation | [falls under →data destruction→data sanitisation] |
file transfer, file transmission, sending files |
downloads, downloading (no particular content at present) | [falls under →downloads, downloading] |
secure communication of files | [see →secure communication→of files] |
malware in files (no particular content at present) | [see →malware→malware in files] |
forge, forgery |
“based on time taken to forge” broad security principle | [see →broad security principles→time-based broad security principles→“based on time taken to forge” security principle] |
financial | [related to →costs] |
banking |
bank references (transaction references) |
bank transactions | [see →financial→financial transactions→bank transactions] |
bank systems | [see →financial→financial systems→bank systems] |
bank transfer |
bank branch |
currency |
weak currency |
money |
monetary amounts |
cryptocurrency |
authentication coins |
different currencies |
Bitcoin |
Bitcoin keys | [see ..→..→..→cryptocurrency keys→Bitcoin keys] |
cryptocurrency keys |
Bitcoin keys |
cryptocurrency security | [see →standards→security standards→cryptocurrency] |
cryptocurrency systems | [see →financial→financial systems→cryptocurrency systems] |
cryptocurrency transactions | [see →financial→financial transactions→cryptocurrency transactions] |
mining cryptocurrency |
proof of work |
public-key cryptography (using public-private key pair, aka asymmetric cryptography) |
public-key cryptography in general | [see →cryptography, cryptographic→protocols and algorithms→public-key cryptography] |
financial constraints, budget | [see →costs→financial constraints→budget] |
financial systems |
bank systems |
cryptocurrency systems (no particular information at present) |
financial transactions |
bank transactions |
cryptocurrency (such as Bitcoin) transactions |
refund |
security in finance |
cryptocurrency security | [see →standards→security standards→cryptocurrency] |
using bank branches |
treasure map | [see →treasure map] |
fingerprint |
firmware |
flash/flashing |
flash cells |
flash memory | [see →memory→flash memory] |
flavours |
floppy disk | [see →digital storage→non-microchip-based memory→Random-access Memory→dis(c|k)-based→magnetic→floppy disk] |
foam |
foam peanuts |
foil |
reflective foil |
form factor |
fraud |
full-system encryption, full-disk encryption (FDE) | [see →cryptography, cryptographic→full-system encryption, full-disk encryption] |
G |
gazette |
Gas Chromatography Mass Spectrometry machine |
GC-MS machine | [see →Gas Chromatography Mass Spectrometry] |
GDPR | [see →General Data Protection Regulation] |
General Data Protection Regulation | [see →legislation→GDPR] |
geographic areas | [see →geospatial] |
geospatial |
geographic areas, geographies |
see countries mentioned in book |
geospatial-based broad security principles | [see →broad security principles→geospatial-based broad security principles] |
Germany | [see →countries mentioned in book→Germany] |
GitHub | [see →systems→collaborative development→GitHub] |
Glacier protocol | [see →standards→security standards] |
glare | [see →optical effects] |
glasses (looking glasses, spectacles) |
glitter nail varnish |
glue |
glue solvents |
acetone |
super glue |
Google Authenticator (key- and time- based app) | [see â±apps] |
government |
GNU's-Not-Unix! Privacy Guard (GPG) | [see â±software tools, software utilitiesâ±cryptographyâ±GPG] |
GNU Privacy Guard (GPG) | [see â±software tools, software utilitiesâ±cryptographyâ±GPG] |
GPG | [see â±software tools, software utilitiesâ±cryptographyâ±GPG] |
Greek alphabet | [see â±languageâ±alphabetâ±non-latin alphabetâ±Greek alphabet] |
graphical user interface (GUI) (for computing) |
gravitational weight | [see â±physical propertiesâ±weight] |
GUI | [see â±graphical user interface] |
H |
hack |
hacker culture |
security hacking |
backing up files after discovery of having been hacked | [see â±backupâ±backing up filesâ±after discovery of having been hacked] |
hardware hacking |
deep hardware hacking |
mindset of hackers |
stop funding the spies and hackers (broad security principle) | [see â±broad security principlesâ±stop funding the spies and hackers] |
hand-made paper | [see â±natural hand-made paper] |
hardware (computer hardware) |
digital-storage hardware |
drives (computer drive) and readers (card readers for computer systems) |
card readers for SD cards | [see â±memory | [microchip-based computer memory]â±flash memoryâ±Secure Digital cardsâ±readers] |
floppy disk drive |
optical disc drives |
writer (aka burner) |
writing (aka burning) optical discs |
writing (aka burning) optical ROM discs (can be DVDs, CDs) | [see â±digital storageâ±non-microchip-based memoryâ±Random-access Memoryâ±dis(c|k)-basedâ±opticalâ±optical ROM discsâ±writing optical ROM discs] |
tape drives |
in relation to media |
hardware-less media (for digital storage) | [see â±digital storageâ±mediaâ±non-microchip-based memory] |
hardware-based media (for digital storage) | [see â±digital storageâ±mediaâ±non-microchip-based memory] |
hardware hacking | [see â±hackâ±security hackingâ±hardware hacking] |
hardware considered as either open-source or closed-source |
open-source hardware | [opposite of ..â±closed-source hardware] |
Novena open-source computing hardware platform |
(cf. USB device firmware specifications being more open) |
closed-source hardware | [opposite of ..â±open-source hardware] |
(cf. SD card firmware not having open specifications?) |
open/closed source in general | [see â±open/closed source] |
processor |
processor idle time |
processor-hour work |
router |
WiFi router |
trustable hardware |
hardware optimisation |
3D-optimised hardware |
hardware researchers/specialists |
Andrew Bunnie Huang |
Trammell Hudson |
hard disk drive | [see â±digital storageâ±non-microchip-based memoryâ±Random-access Memoryâ±dis(c|k)-basedâ±magneticâ±hard disk drive] |
Haven: Keep Watch | [see â±apps] |
HDD | [see â±hard disk drive] |
Heads (BIOS/UEFI boot firmware system) | [see â±bootâ±bootloaderâ±first-stage boot loader] |
hibernate (a computer's hibernate mode) | [see â±powering computer systemsâ±system power statesâ±hibernate] |
higher-level programming language | [see â±programmingâ±programming languagesâ±higher-level programming language] |
high-risk, high-sensitivity |
historic version of the software | [see â±old software, old devices] |
historic software (historic version of the software) | [see â±historic version of the software] |
hoax |
deceptive fake (cf. forgery) (cf. evil maid attack where computer is replaced with deceptive fake) cf. "A counter-argument to using this protocol is that adversaries with supercomputers can easily fake such numbers of coinsâŠ.." |
Holland | [see â±countries mentioned in bookâ±Holland] |
hologram, holography, holographic |
holographic data storage | [see â±digital storageâ±non-microchip-based memoryâ±Random-access Memoryâ±holographic data storage] |
home and mobile working | [related to â±remote working] |
home made |
hotel |
HTTPS | [see â±communicationâ±communication protocols for computing devicesâ±protocols that are also standardsâ± Hypertext Transfer Protocol Secureâ±] |
Hypertext Transfer Protocol Secure | [see â±communicationâ±communication protocols for computing devicesâ±protocols that are also standardsâ±Hypertext Transfer Protocol Secureâ±] |
I |
image |
magnetic image | [see â±physical propertiesâ±image] |
magnetic resonance imaging | [see â±physical propertiesâ±magnetic resonance imaging] |
visual image | [see â±physical propertiesâ±image] |
radio-frequency imaging | [see â±physical propertiesâ±image] |
RF imaging | [see â±physical propertiesâ±image] |
electric field imaging | [see â±physical propertiesâ±image] |
photography | [see â±photography] |
T ray | [see â±physical propertiesâ±imageâ±t ray] |
X ray | [see â±physical propertiesâ±imageâ±x ray] |
ultrasound image | [see â±physical propertiesâ±imageâ±ultrasound image] |
imitation diamonds |
"Inception" (the film) |
"Inception" styled attacks | [see â±attackâ±different classes of attackâ±mind-reading psychic attackâ±"Inception" styled attacks] |
deep hardware hacking | [see â±hackâ±security hackingâ±hardware hackingâ±deep hardware hacking] |
industrial radiography |
infra-red scanning | [see â±physical properties] |
infrared filter | [see â±physical properties] |
ink |
ink paper marbling | [see â±paperâ±ink paper marbling] |
input/output (input and output aspect of computing hardware) |
I/O | [see â±Input/Output] |
infra red | [see â±physical propertiesâ± infra red] |
installation media |
installation software | [see â±softwareâ±installation software] |
intellectual property |
intellectual property concerning source code and designs |
open source | [opposite of ..â±closed source] |
open source in general | [see â±open/closed sourceâ±open source] |
closed source | [opposite of ..â±open source] |
closed source in general | [see â±open/closed sourceâ±closed source] |
internal Read-Only Memory (of a computer system) |
internal ROM | [see â±internal Read-Only Memory] |
internet |
internet research (cf. internet searching) |
internet bandwidth, internet quota |
internet browser | [see â±web/internet browser] |
inventions for security | [see â±security invention] |
isolation |
physical isolation |
software isolation |
K |
keyboard (computer keyboard) |
keyboard privacy |
key |
digital key |
asymmetric cryptography | [aka public-key cryptography] | [see ..â±public-key cryptographyâ±] |
authentication key |
backing-up security keys | [covered under â±backupâ±backing-up security keys and passwords] |
destroying keys | [contrasts and can complement â±backupâ±backing-up security keys and passwords] |
crypto shredding | [see â±data destructionâ±crypto shredding] |
"destroy key when attacked" | [see â±data destructionâ±"destroy key when attacked"] |
frequent changing of encryption keys in FDE | [see â±cryptography, cryptographicâ±full-system encryption, full-disk encryptionâ±frequent changing of encryption keys] |
public-key cryptography (using public-private key pair, aka asymmetric cryptography) |
PGP (Pretty Good Privacy) public key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptographyâ±PGP public key] |
private key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptographyâ±private key] |
public key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptographyâ±public key] |
Bitcoin keys | [see â±financialâ±currencyâ±cryptocurrencyâ±different currenciesâ±Bitcoinâ±Bitcoin keys] |
tokens for public-key-cryptography keys | [see â±security tokensâ±security tokens for public-key cryptography] |
physical key | [related to â±physically lock, physical lockâ±physical-key lock] |
cloned key | [see â±cloned key] |
key loggers |
key scrambler (aka keyboard scrambler) |
key servers |
keystrokes |
keyboard (for computer) |
Kodak online printing (UK business) | [see â±businessâ±online printing businesses] |
Kosagi (Team Kosagi) |
L |
language |
alphabet |
Latin alphabet |
non-Latin alphabet |
Greek alphabet |
unicode |
non-verbal symbol |
word symbol |
braille |
emoji |
Morse code |
programming language | [see â±programmingâ±programming language] |
pronunciation |
unicode |
lapse(s) in security | [see â±security lapse] |
laptop |
Latin alphabet | [see â±languageâ±alphabet] |
legislation (hardly any content at present) |
GDPR (General Data Protection Regulation) |
lenticular printing |
library |
light rays |
Linux (OS) | [see â±operating systemâ±different operating systems] |
live DVD, live CD |
location (geospatial) | [see â±geospatial] |
lock (physical) | [see â±physical lock] |
locking, and lock for, computer screen | [see â±computer screen lock/locking] |
login, log-in, log-off |
log-off (no particular content at present?) |
loud alarm | [see â±alarmâ±loud alarm] |
low cost | [see â±costsâ±cheap] |
M |
magnetic fields, magnetism, magnet, magnetic |
magnetic tape (computer storage, eg. cassette tapes) | [see â±digital storageâ±non-microchip-based memoryâ±Sequential-access Memoryâ±tapeâ±magnetic] |
magnetic-optical | [see â±magnetic-optical] |
magnetic weight | [see â±physical propertiesâ±weight] |
magnetic image | [see â±physical propertiesâ±image] |
magnetic resonance imaging | [see â±physical propertiesâ±magnetic resonance imaging] |
MRI | [see â±physical propertiesâ±magnetic resonance imaging] |
magnetic-optical |
computer storage media |
tape | [see â±digital storageâ±non-microchip-based memoryâ±Sequential-access Memoryâ±tapeâ±magnetic-optical] |
discs | [see â±digital storageâ±non-microchip-based memoryâ±Random-access Memoryâ±dis(c|k)-basedâ±magneticâ±magnetic-optical discs] |
magnetic tape (computer storage, eg. cassette tapes) | [see â±digital storageâ±non-microchip-based memoryâ±sequential-access Memoryâ±tapeâ±magnetic] |
malware |
malware in files (no particular content at present) |
detecting malware in source code |
by using reproducible-builds protocol |
in general |
file-comparison aspect | [see â±fileâ±file comparisonâ±to detect malware introductions when using reproducible-builds protocol] |
manufacturer, producer (intersects with business) (manufacturers and producers named in book) |
OEM | [see â±original equipment manufacturer] |
cf. provider's authentication server in §"Security by pre-loaded private key" |
<different manufacturer names> |
Sandisk |
Qubes |
marbling (paper marbling) | [see â±paperâ±paper marbling] |
Mark Fernandes | [see â±persons] |
mass storage |
materials |
acetone | [see ..â±glue solventsâ±acetone] |
bubble wrap | [see ..â±unrepeatable-pattern materialsâ±shape-retentive materials that are very easily deformedâ±bubble wrap] |
cardboard |
cling film | [see ..â±transparent materialâ±cling film] |
crumpling plastic material | [see ..â±shape-retentive material that is very easily deformedâ±plastic that crumples] |
foam peanuts | [see ..â±unrepeatable-pattern materialsâ±polystyrene piecesâ±foam peanuts] |
foil (reflective foil) that is shredded | [see ..â±unrepeatable-pattern materialsâ±shreddedâ±shredded reflective foil] |
glitter nail varnish | [see ..â±unrepeatable-pattern materialsâ±glitter nail varnish] |
glue |
super glue |
glue solvent |
acetone |
hand-made paper | [see ..â±paperâ±hand-made paper] |
holographic material that is shredded | [see ..â±unrepeatable-pattern materialsâ±shreddedâ±shredded holographic material] |
imitation diamonds | [see ..â±transparent materialâ±imitation diamonds] |
ink |
ink |
ink-marbled paper | [see ..â±paperâ±ink-marbled paper] |
mylar x-ray film | [see ..â±x-ray filmâ±mylar x-ray film] |
newspaper | [see ..â±paperâ±newspaper] |
paint |
paper |
hand-made paper |
ink-marbled paper |
newspaper |
printer paper |
tea-bag marbled stained paper |
shredded paper |
plastic, transparent pouch/bag material | [see ..â±transparent materialâ±plastic pouch/bag material] |
plastic that crumples | [see ..â±unrepeatable-pattern materialsâ±shape-retentive material that is very easily deformedâ±plastic that crumples] |
polystyrene pieces | [see ..â±unrepeatable-pattern materialsâ±polystyrene pieces] |
printer paper | [see ..â±paperâ±printer paper] |
reflective foil that is shredded | [see ..â±unrepeatable-pattern materialsâ±shreddedâ±shredded reflective foil] |
rice grains | [see ..â±unrepeatable-pattern materialsâ±rice grains] |
security tape |
sellotape |
shredded | [see ..â±unrepeatable-pattern materialsâ±shredded] |
shell-suit material | [see ..â±unrepeatable-pattern materialsâ±shape-retentive material that is very easily deformedâ±shell-suit material] |
silk | [see ..â±unrepeatable-pattern materialsâ±shape-retentive material that is very easily deformedâ±silk] |
super glue | [see ..â±glueâ±super glue] |
tea-bag marbled stained paper | [see ..â±paperâ±tea-bag marbled stained paper] |
tie-dye material | [see ..â±unrepeatable-pattern materialsâ±materials that might be suitableâ±tie-dye material] |
transparent material |
cling film | [related to ..â±..â±unrepeatable-pattern materialsâ±shreddedâ±shredded cling film] |
imitation diamonds | [related to ..â±..â±unrepeatable-pattern materialsâ±imitation diamonds] |
plastic pouch/bag material |
transparent beads | [related to ..â±..â±unrepeatable-pattern materialsâ±transparent beads] |
transparent plastic that is shredded | [related to ..â±..â±unrepeatable-pattern materialsâ±shreddedâ±shredded transparent plastic] |
unrepeatable-pattern materials |
glitter nail varnish |
imitation diamonds |
materials that might be suitable |
paper |
ink-marbled paper | [see ..â±..â±..â±paperâ±ink-marbled paper] |
newspaper | [see ..â±..â±..â±paperâ±newspaper] |
printer paper | [see ..â±..â±..â±paperâ±printer paper] |
tea-bag marbled stained paper | [see ..â±..â±..â±paperâ±tea-bag marbled stained paper] |
tie-dye material | [see ..â±..â±..â±paperâ±tie-dye material] |
polystyrene pieces |
foam peanuts |
rice grains |
shape-retentive materials that are very easily deformed |
bubble wrap |
plastic that crumples |
shell-suit material |
silk |
shredded |
shredded cling film |
shredded holographic material |
shredded optical discs |
shredded paper | [see ..â±..â±..â±paperâ±shredded paper] |
shredded transparent plastic |
shredded reflective foil |
transparent beads |
x-ray film |
mylar x-ray film |
water |
materially written |
Matthew Garrett | [see â±persons] |
measurements, readings of physical properties | [see â±physical propertiesâ±readingsâ±measuring] |
measuring method types |
invasion related |
invasive |
non-invasive |
destruction related |
destructive |
non-destructive |
memorisation, memorise |
memory (microchip-based computer memory) |
ROM | [see â±Read-only Memory] |
RAM | [see â±Random-access Memory] |
flash memory |
NOR flash (NOR stands for the not-or logic gate) |
NAND flash (NAND stands for the not-and logic gate) |
SD cards | [see â±Secure Digital cards also in this group] |
Secure Digital cards (SD cards) |
types |
form factors |
original |
mini |
micro |
smartphone internal SD cards |
readers for SD cards | [see â±hardwareâ±digital-storage hardwareâ±drives and readersâ±card readers for SD cards] |
SSD | [see â±solid-state drive] |
mental |
cognitive power |
visual cognitive power |
conscious thoughts |
mental process |
mindset of hackers | [see â±hackâ±security hackingâ±mindset of hackers] |
mind reading |
brain-reading |
psychic |
psychic attack | [see â±attackâ±different classes of attackâ± mind-reading psychic attack] |
psychic powers |
security in spite of amnesia | [see â±security in spite of amnesia] |
thinking outside the box |
message digest |
MFA | [see â±multi-factor authentication] |
microwave oven | [see â±microwave testing] |
military |
military policy |
scorched earth |
other policies (no content at present) |
mindset of hackers | [see â±hackâ±security hackingâ±mindset of hackers] |
minimally-above-average security (broad security principle) | [see â±broad security principlesâ±minimally-above-average security] |
multi-factor authentication (MFA) |
2-factor authentication (special instance of MFA) |
Micah Lee (a long-time Qubes advocate) |
microchip (computer microchip, chip is abbreviation) |
microchip-based computer memory | [see â±memory | [microchip-based computer memory]] |
microcontroller |
Micro SD cards | [see â±Secure Digital cards] |
mind reading | [see â±mentalâ±mind reading] |
miracle, miraculous |
Man In The Middle |
memory stick | [see â±USB memory stick] |
metal |
metal boxes |
Michael A. Caloyannides | [see â±persons] |
microphone |
MITM | [see â±Man In The Middle] |
mobile devices |
mobile phone | [see â±phonesâ±mobile phones] |
mobile working | [see â±home and mobile working] |
monetary amounts | [see â±financialâ±currencyâ±moneyâ±monetary amounts] |
Morse code | [see â±languageâ±Morse code] |
motherboard |
motherboard ROM |
motion detector alarms | [see â±alarmsâ±motion detector alarms] |
MrChromebox |
multi-step security | [see â±MFA] |
multi-booting | [see â±bootâ±multi-booting] |
mylar x-ray film | [see â±physical properties] |
N |
naked eye | [related to â±visible spectrum] |
National Cyber Security Centre for the UK (NCSC) | [see â±organisations and businessesâ±names of non-business organisationsâ±National Cyber Security Centre] |
natural hand-made paper |
NCSC | [see â±organisations and businessesâ±names of non-business organisationsâ±National Cyber Security Centre] |
Neo public-key-cryptography USB security tokens | [see â±security tokensâ±security tokens for public-key cryptographyâ±USB tokensâ±brandsâ±Yubikey, Yubicoâ±Neo] |
Near Field Communications (NFC) | [see â±communicationâ±wireless communicationâ±typesâ±NFC] |
new software, and devices | [see â±age of software, and devicesâ±new] |
Netherlands | [see â±countries mentioned in bookâ±Netherlands] |
network for wireless communication | [see â±communicationâ±wireless communicationâ±network] |
newspaper | [see â±paperâ±newspaper] |
NFC | [see â±communicationâ±wireless communicationâ±typesâ±NFC] |
Nitrokey brand of USB security tokens | [see â±security tokensâ±security tokens for public-key cryptographyâ±USB tokensâ±brandsâ±Nitrokey] |
noise (random noise) | [related to â±unrepeatable pattern] |
visual noise |
audio noise |
white noise audio |
non-Latin alphabet | [see â±languageâ±alphabet] |
non-verbal symbol | [see â±languageâ±non-verbal symbol] |
NOR flash (flash microchip memory) | [see â±memory | [microchip-based computer memory]â±flash memory] |
NAND flash (flash microchip memory) | [see â±memory | [microchip-based computer memory]â±flash memory] |
non-invasive measuring methods | [see â±measuring method typesâ±non-invasive] |
non-destructive measuring methods | [see â±measuring method typesâ±non-destructive] |
Novena open-source computing hardware platform | [see â±hardwareâ±hardware considered as either open-source or closed-sourceâ±open-source hardwareâ±Novena open-source computing hardware platform] |
O |
obtaining software | [see â±softwareâ±obtaining softwareâ±] |
occlusion |
original equipment manufacturer (OEM) software | [see â±softwareâ±OEM software] |
OEM software | [see â±softwareâ±OEM software] |
old software, and devices | [see â±age of software, and devicesâ±old] |
online printing business | [see â±businessâ±online printing business] |
online shop | [see â±businessâ±shopâ±online shop] |
open/closed source |
considered as a business model | [see â±businessâ±business modelsâ±open-source vs. closed-source] |
open source | [opposite of ..â±closed source] |
open source source code | [see â±programmingâ±source codeâ±source code considered as either open source or closed sourceâ±open source source code] |
open source hardware | [see â±hardwareâ±hardware considered as either open-source or closed-sourceâ±open-source hardware] |
open source considered as intellectual property | [see â±intellectual propertyâ±intellectual property concerning source code and designsâ±open source] |
closed source | [opposite of ..â±open source] |
closed source source code | [see â±programmingâ±source codeâ±source code considered as either open source or closed sourceâ±closed source source code] |
closed source hardware | [see â±hardwareâ±hardware considered as either open-source or closed-sourceâ±closed-source hardware] |
closed source considered as intellectual property | [see â±intellectual propertyâ±intellectual property concerning source code and designsâ±closed source] |
optical disc (such as CDs and DVDs) | [see â±digital storageâ±mediaâ±non-microchip-based memoryâ±Random-access Memoryâ±opticalâ±dis(c|k)-based] |
optical ROM discs (read-only CDs, read-only DVDs, etc. {ROM=read-only memory}) | [see â±digital storageâ±mediaâ±non-microchip-based memoryâ±Random-access Memoryâ±opticalâ±optical ROM discs] |
optical effects |
transparency |
translucency (no content at present). |
reflectivity (cf. glare) |
refractivity |
diffraction | [related to interference patterns in â±hologram, holography..] |
stereoscopy (no content at present). |
polarisation |
moving images revealed in holograms by moving hologram. |
optical tape | [see â±digital storageâ±mediaâ±non-microchip-based memoryâ±Sequential-access Memoryâ±tapeâ±optical] |
option ROMs (ROM=read-only memory) |
Oracle |
Oracle Cloud |
Oracle Cloud compute instance |
Oracle Cloud Linux | [see â±operating systemâ±different operating systems] |
Oracle Cloud Linux compute instance |
organisations and businesses |
business | [see â±business] |
names of non-business organisations |
Chaos Communication Congress |
Essex police | [see ..â±governmentalâ±policeâ±Essex police] |
National Cyber Security Centre (NCSC) | [see ..â±governmentalâ±country-specificâ±UKâ±National Cyber Security Centre] |
Qubes OS project (for general info about Qubes OS) | [see â±Qubes OS] |
Raspberry Pi Foundation (for general info about Raspberry Pi technology) | [see â±Raspberry Pi] |
Wikimedia Foundation (for general info about Wikipedia, which is owned by the foundation) | [see â±Wikipedia] |
governmental |
country-specific |
UK |
National Cyber Security Centre (NCSC) |
Essex police |
USA government |
China's government |
military |
police |
police in general |
Essex police | [see ..â±..â±country-specificâ±UKâ±Essex police] |
names of organisations and businesses |
Boots |
certification authorities |
Chaos Communication Congress |
China government |
Essex police |
GitHub | [see â±systemsâ±collaborative developmentâ±GitHub] |
government |
Kodak |
National Cyber Security Centre (NCSC) |
Nitrokey |
Oracle |
PC World |
police |
Qubes OS project |
Raspberry Pi Foundation |
Sandisk |
secret criminal societies |
Tesco |
USA government |
Wikimedia Foundation |
Yubico |
operating system (OS) (base platform software for using a computer) |
different operating systems |
Windows |
Linux or Linux-based |
Oracle Cloud Linux |
Qubes OS |
Raspberry Pi OS |
Raspberry Pi OS |
general info about Raspberry Pi technology | [see â±Raspberry Pi] |
ChromeOS |
Android operating system (for mobile devices) |
operating-system login account |
Administrator account |
operating costs | [see â±costsâ±operating costs] |
order, ordering (request for product/service) | [related to â±purchasing] |
compared with non-order acquisition of goods (ordering is prone to MITM attacks) |
ordering many units of same product (broad security principle) |
ordering goods requiring physical transit to customer |
security for goods in physical transit | [see â±physical transitâ±security for goods in physical transit] |
returning orders | [see â±product return] |
OS (operating system) | [see â±operating system] |
outside the box | [see â±mentalâ±thinking outside the box] |
P |
padlock |
padlockable laptop bag |
painting, paint |
paper? |
paper shredders |
paper marbling |
ink paper marbling |
tea-bag marbled stained paper |
hand-made paper | [see â±natural hand-made paper] |
paper tears |
printer paper |
recycled paper |
newspaper |
password |
changing passwords | [covered under â±changing passwords and keys] |
strong password |
password encryption |
password encoding |
password reuse |
password blacklisting |
password capture |
password manager (aka password vault) |
password cracking |
communicating passwords (cf. Appendix) |
rate limiting in password attempts |
pattern (graphical pattern) |
personal computer (PC) |
different "ready-to-run" PCs marketed as products |
Chromebook, Chromebox, Chromebit | [see â±server-client computing modelâ±clientâ±web client computersâ±Chromebook, Chromebox, Chromebit] |
persons (individuals named in book) |
Andrew "bunnie" Huang (computer hardware researcher and specialist) |
Mark Fernandes (software developer, original author of this book) |
Matthew Garrett (technologist, software developer, worked on secure boot protocol) |
Michael A. Caloyannides (author of "Desktop Witness: The Do's and Don'ts of Personal Computer Security") |
Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system) |
PC | [see â±personal computer] |
PC World |
peer review |
Cf. Raspberry Pi, cf. peer review in "build from source" section, cf. publishing security methods section (in broad principles section) |
pencil |
peripheral (computer peripheral) |
phones |
mobile phones |
age of phone |
old mobile phone | [see â±age of software, and devicesâ±oldâ±old mobile phone, mobile device] |
new mobile phone | [see â±age of software, and devicesâ±newâ±new mobile phoneâ±mobile device] |
burner phones |
smartphones |
internal SD cards in smartphones | [see â±memory | [microchip-based computer memory]â±flash memoryâ±SD cardsâ±smartphone internal SD cards] |
PGP public key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±Pretty Good Privacy cryptographyâ±PGP public key] |
PGP cryptography | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±Pretty Good Privacy cryptography] |
phish |
photography, photograph, photographing |
visible-spectrum photography |
camera | [see â±camera] |
photo printing |
security-photo matching software | [see â±softwareâ±security-photo matching software] |
physical disturbance |
physical isolation (cf. §"Based on time passed") |
physical key | [see â±keyâ±physical key] |
physically lock, physical lock | [related to â±safe] |
combination lock |
padlock |
physical-key lock | [related to â±keyâ±physical key] |
physical properties |
weight |
gravitational weight |
magnetic weight |
weighing scales |
images |
visual images |
magnetic images |
magnetic resonance imaging |
RF imaging | [see below, radio-frequency imaging] |
radio-frequency imaging |
electric field imaging |
photography | [see â±photography] |
T ray (Terahertz radiation scan analogous to an x ray) |
ultrasound images |
DIY ultrasound imaging kit |
ultrasonic sensor |
X ray |
mylar x-ray film |
readings, measuring |
measuring physical properties for authentication | [see â±authenticationâ±measuring physical properties for authentication] |
ultrasound |
volume (space in 3D) |
Archimedes' principle |
X ray |
industrial radiography |
infra red |
infrared scanning |
infrared filter |
microwave testing |
microwave oven |
radio-frequency detection |
radio-frequency field |
sound |
ultrasound |
physical shelves | [see â±businessâ±shopâ±physical shopâ±physical shelves] |
physical shop/store | [see â±businessâ±shopâ±physical shop] |
physical transit |
security for goods in physical transit |
politics, political |
piggy-back |
pinhole (pinhole material) |
pinhole glasses |
pins (motherboard pins) |
pixel, pix-elated |
plastic |
plastic bags | [see â±shape flexibilityâ±plastic bag] |
platform (computer platform) |
polarisation | [see â±optical effects] |
police |
Essex police | [see â±organisations and businessesâ±names of non-business organisationsâ±Essex police] |
report cyber-crime to the police | [see â±report, reportingâ±report cyber-crime to the police] |
polarised (polarised optical filter) |
polystyrene pieces (such as those used for cushioning parcelled items) | [see â±foam peanuts] |
porting source code to higher-level programming language | [see â±programmingâ±source codeâ±porting source code to higher-level programming language] |
post (mail) |
power states (system power states) | [see â±powering computer systemsâ±system power states] |
powering computer systems |
auto-power-off |
system power states (for computer system) |
working (s0) |
sleep mode (s1, s2, s3) |
hibernate (s4) (no content at present) |
soft off/boot, warm boot (s5) (no content at present) |
powered-off (step in cold booting) (G3) (cf. securing bootloader when in powered-off...)(there are two types of shutdown {G3}: graceful and hard) |
Pretty Good Privacy (PGP) cryptography | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±Pretty Good Privacy cryptography] |
principles of security that are broad | [see â±broad security principles] |
printed, printing, print |
on paper |
3D printers (3D=three-dimensional, no content at present). |
lenticular printing |
printer paper | [see â±paperâ±printer paper] |
privacy screen filters | [see â±privacy screens | [filters]] |
privacy screens |
privacy screen filters |
privacy keyboard screen |
programming, coding, reprogramming | [related to â±hackâ±hacker culture] |
secure coding |
porting source code to higher-level programming language | [see ..â±..â±source codeâ±porting source code to higher-level programming language] |
programming languages |
Eiffel |
higher-level programming language |
porting source code to higher-level programming language | [see ..â±..â±..â±source codeâ±porting source code to higher-level programming language] |
algorithms |
denoising algorithms |
cryptography algorithms | [see â±cryptography, cryptographicâ±algorithms] |
source code |
auditing source code |
by using collaborative development | [see â±systemsâ±collaborative developmentâ±when used for auditing source code changes] |
detecting malware in source code | [see â±malwareâ±detecting malware in source code] |
porting source code to higher-level programming language |
building from source | [see â±building softwareâ±building from source] |
source code considered as either open source or closed source |
open source source code | [opposite of ..â±closed source/source code] |
closed source source code | [opposite of ..â±open source source code] |
open/closed source in general | [see â±open/closed source] |
probability, probabilistic | [related to â±random] |
balance-of-probabilities |
product return |
product ordering | [see â±order, ordering] |
proof of work | [see â±financialâ±cryptocurrenciesâ±proof of work] |
pronunciation | [see â±languageâ±pronunciation] |
pros vs cons (for and against) |
protocols |
for cryptography | [see â±cryptography, cryptographicâ±protocols and algorithms] |
for communication | [see â±communicationâ±communication protocols for computing devices] |
that are also standards | [see â±standardsâ±protocols] |
reproducible-builds protocol | [see â±building softwareâ±reproducible builds] |
zero-knowledge authentication protocol |
provider |
psychic | [see â±mentalâ±mind readingâ±psychic] |
PS/2 (keyboard interface standard, PS/2 means IBM Personal System/2, IBM stands for International Business Machines and is a technology company) |
public authentication PGP key | [see â±keyâ±digital keyâ±public-key cryptographyâ±PGP public key] |
public domain |
private key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptographyâ±private key] |
"private-public key pair" encryption | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptography] |
public key | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptographyâ±public key] |
public-key cryptography (aka asymmetric cryptography) | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptography] |
"public-private key pair" encryption | [see â±cryptography, cryptographicâ±protocols and algorithmsâ±public-key cryptography] |
public places |
publish, publishing |
publishing security methods (broad security principle) | [see â±broad security principlesâ±publishing security methods] |
purchase, purchasing | [related to â±ordering] |
costs of purchases | [see â±costs] |
purchasing channels |
purchasing software | [intersects with â±softwareâ±obtaining softwareâ±] |
refunds for purchases | [see â±financialâ±refund] |
returning purchased products | [see â±product return] |
shop from which purchases can be made | [see â±businessâ±shop] |
Q |
QC parameters | [see ⋱quality-control parameters] |
quality-control parameters |
quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit) | [see ⋱testing] |
Qubes OS |
Qubes OS / Qubes | [see ⋱operating system⋱different operating systems] |
entity behind Qubes OS | [see ⋱organisations and businesses⋱names of non-business organisations⋱Qubes OS project] |
R |
radio frequency |
radio-frequency imaging (RF imaging) | [see ⋱physical properties] |
radio-frequency detection (RF detection) | [see ⋱physical properties] |
radio-frequency fields | [see ⋱RF fields] [see ⋱physical properties] |
random | [related to ⋱probability] |
generating randomness |
coin tossing |
rolling dice |
Random Access Memory (RAM) |
user randomly selecting unit from off physical shelves (broad security principle) | [see ⋱business⋱shop⋱physical shop⋱physical shelves] |
RAM | [contrasts with ⋱SAM] | [see ⋱random⋱Random Access Memory] |
Raspberry Pi |
products |
Raspberry Pi Zero |
Raspberry Pi OS | [see ⋱operating system⋱different operating systems] |
creator (of Raspberry Pi products) | [see ⋱organisations and businesses⋱names of non-business organisations⋱Raspberry Pi Foundation] |
rate limiting |
readers (card readers for computer systems) | [covered under ⋱hardware⋱digital-storage hardware⋱drives and readers⋱] |
read only |
Read-only Memory (ROM) |
microchip-based computer memory | [see ⋱digital storage⋱media, microchip-based computer memory⋱ROM] |
optical ROM discs (eg. read-only CDs, read-only DVDs) | [see ⋱digital storage⋱media⋱non-microchip-based memory⋱Random-access Memory⋱dis(c|k)-based⋱optical] |
recycle, recycled, recycling |
recycled paper | [see ⋱paper⋱recycled paper] |
refund | [see ⋱financial⋱refund] |
reflectivity | [see ⋱optical effects] |
refractivity | [see ⋱optical effects] |
regulation (a type of legislation) | [see ⋱legislation] |
restricted viewing enclosure | [see ⋱view restriction⋱cardboard "restricted viewing enclosure"] |
remote control (remotely controlling computer) |
remote working | [related to ..⋱home and mobile working] |
replay attack | [see ⋱attack⋱different classes of attack] |
report, reporting |
report cyber-crime to the police (broad security principle) |
reproducible builds | [see ⋱building software⋱reproducible builds] |
reprogrammable firmware |
response and recovery (cf. §What to do when you discover your computer has been hacked) |
return (product return) | [see ⋱product return] |
reverse engineering |
rewritable media |
RF (radio frequency) | [see ⋱radio frequency] |
rice grains |
rolling dice | [see ⋱random⋱generating randomness⋱rolling dice] |
ROM | [see ⋱Read-only Memory] |
rote memory |
router | [see ⋱hardware⋱router] |
S |
safe (physical safe) | [related to ⋱physically lock, physical lock] |
safe-mode |
SAM | [contrasts with ⋱RAM] | [see ⋱Sequential Access Memory] |
sandboxing | [related to ⋱cloud computing] |
science fiction |
screen privacy |
screensaver lock | [covered under ⋱computer screen lock/locking] |
screen lock | [covered under ⋱computer screen lock/locking] |
screws |
computer screws | [see ⋱computer screws] |
scorched earth | [see ⋱military⋱military policy⋱scorched earth] |
SD card | [see ⋱Secure Digital card] |
seal (security seal) |
Secure Digital card (SD card) | [see ⋱memory⋱flash memory⋱SD card] |
second hand (used goods, services, etc.) (not brand new) |
second hand shop | [see ⋱business⋱shop⋱second-hand shop] |
secure coding |
secure communication | [see ⋱communication⋱secure communication] |
security in spite of amnesia (cf. security reminders) |
security by pre-loaded private key | [see ⋱systems⋱design⋱security by pre-loaded private key] |
security via mass adoption |
secret criminal society | [see ⋱secret society⋱secret criminal society] |
security in cyber secure systems and their design | [see ⋱design⋱design of cyber secure systems] |
secret society |
secret criminal society |
security credentials |
secure data sanitisation |
security alarm | [see ⋱alarm⋱security alarm] |
security bag |
security certificate for public-key cryptography (aka asymmetric cryptography) |
security certificate for public-key cryptography | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱security certificates] |
security certificate for Transport Layer Security (TLS) (digital security certificate) | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱Transport Layer Security⋱TLS security certificates] |
security community, security researchers |
security derived from source-code auditing |
security habit |
security hole |
security invention |
security lapse |
preventing lapses in security | [see ⋱broad principles⋱preventing lapses in security] |
security level (complements "threat model" concept) |
think in terms of gradual movement along a security-level continuum (broad security principle) | [see ⋱broad security principles⋱think in terms of gradual movement along a security-level continuum] |
security location for resting | [see ⋱"at rest" security location] |
security method publishing (broad security principle) | [see ⋱broad security principles⋱publishing security methods] |
security-photo matching software | [see ⋱software⋱security-photo matching software] |
security principles that are broad | [see ⋱broad security principles] |
security products and services (cf. §"National Cyber Security Centre") |
Qubes |
Linux |
GPG | [see ⋱software tools, software utilities⋱cryptography⋱GPG] |
Heads |
Coreboot |
Google Authenticator (key- and time- based app) |
lock |
padlocks |
combination lock briefcase |
…. |
security rating | [related to ⋱security level] | [see ⋱standards⋱security standards⋱security rating] |
security reminder (cf. Preventing lapses in security) (can sometimes overcome amnesia) |
security standards | [see ⋱standards⋱security standards] |
security tape |
security testing |
security tokens |
relying on high production cost of certain security tokens (broad security principle) | [see ⋱broad security principles⋱relying on high production cost of certain security tokens] |
security tokens for public-key cryptography |
USB tokens |
brands |
Nitrokey |
Yubikey, Yubico |
Neo |
general information on public-key cryptography | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography] |
security warning |
security whilst asleep | [see ⋱sleeping, and security when asleep] |
security zone | [related to ⋱broad security principles⋱geospatial-based broad security principles] |
sellotape |
Sequential Access Memory (SAM) |
server | [see ⋱server-client computing model⋱server] |
server-client computing model |
client (client computer/software) |
client |
thin/fat clients |
thin clients (similar to web client computers) |
X terminal |
fat clients |
web client computers (similar to thin clients) |
Chromebook, Chromebox, Chromebit |
server (computer/software server) |
server |
server-side processing |
Shamir's Secret Sharing | [see ⋱backup⋱backing-up security keys and passwords⋱Shamir's Secret Sharing] |
shape retention "at rest" | [see ⋱"at rest" shape retention] |
shape flexibility (cf. §"Perhaps the simplest and best idea") |
(in relation to shell-suit material, silk scarves, bubble wrap, and plastic bags) |
(in relation to bag/pouch) |
sharing, share, shared |
shell-suit | [see ⋱shape flexibility⋱shell-suit] |
shelves |
physical shelves | [see ⋱business⋱shop⋱physical shop⋱physical shelves] |
shop | [see ⋱business⋱shop] |
shreds, shredding, shredder |
shrink-wrapped |
shutdown (computer shutdown, there are two types: graceful and hard) | [see ⋱powering computer systems⋱system power states⋱sleep mode] |
signing/signature (digital signatures in cryptography) | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱digital signing⋱signatures] |
silk |
silk scarf/scarves | [see ⋱shape flexibility⋱silk scarves] |
single-key password mechanism |
sleep (a computer's sleep mode) | [see ⋱powering computer systems⋱system power states⋱sleep mode] |
sleeping, and security when asleep |
small business | [see ⋱business⋱small business] |
smartphone | [see ⋱phones⋱mobile phones⋱smartphones] |
snooping, snoop |
software (cf. listed, advertised, and supported security products and services on NCSC website) |
security-photo matching software |
installation software |
obtaining software |
best practice | [see ⋱best practice⋱for obtaining software] |
obtained when distributed as pre-installed OEM software |
from software repositories such as GitHub's repositories |
OEM software |
preinstalled, and as method for obtaining software | [see ..⋱..⋱obtaining software⋱obtained when distributed as pre-installed OEM software] |
different classes of software |
antivirus software | [see ⋱antivirus software] |
apps | [see ⋱apps] |
bootloader | [see ⋱boot⋱bootloader] |
cryptography-related | [see ⋱cryptography, cryptographic⋱software] |
emulators | [see ⋱emulators] |
internet browser | [synonym for ..⋱web browser] |
operating system | [see ⋱operating system] |
tools, utilities | [see ⋱software tools, software utilities] |
web/internet browser | [see ⋱web/internet browser] |
names of different software mentioned |
Android | [see ⋱operating system⋱different operating systems] |
ChromeOS | [see ⋱operating system⋱different operating systems] |
diff | [see ⋱software tools, software utilities⋱file comparison] |
diffoscope | [see ⋱software tools, software utilities⋱file comparison] |
Haven: Keep Watch | [see ⋱apps] |
Heads | [see ⋱boot⋱bootloader⋱first-stage boot loader] |
Chrome internet browser | [see ⋱web/internet browser] |
Coreboot | [see ⋱boot⋱bootloader⋱first-stage boot loader] |
Google Authenticator (key- and time- based app) | [see ⋱apps] |
GPG | [see ⋱software tools, software utilities⋱cryptography⋱GPG] |
Linux | [see ⋱operating system⋱different operating systems] |
Oracle Cloud Linux | [see ⋱operating system⋱different operating systems] |
Qubes OS | [see ⋱operating system⋱different operating systems] |
Raspberry Pi OS | [see ⋱operating system⋱different operating systems] |
Windows | [see ⋱operating system⋱different operating systems] |
Wine | [see ⋱emulators] |
software developer, software development |
cf. §"8 Principles of Secure Development & Deployment" |
software isolation |
software repositories |
sole trader | [see ⋱businesses⋱sole trader] |
solvent (glue solvent) | [see ⋱glue⋱glue solvents] |
source (source code) | [see ⋱programming⋱source code] |
"spot the difference" (game) |
spy, spying, spies, espionage |
eavesdropper |
stop funding the spies and hackers (broad security principle) | [see ⋱broad security principles⋱stop funding the spies and hackers] |
steganographic (steganography) |
white-on-white text |
stereoscopy | [see ⋱optical effects] |
storage media (digital storage media) | [see ⋱digital storage⋱media⋱] |
storage components |
stranger |
submerging in water | [see â±waterâ±submerging in water] |
sunglasses |
software tools, software utilities (class of software) |
file comparison |
diff |
diffoscope |
cryptography |
GPG (GNU's-Not-Unix! Privacy Guard) |
solid-state drive (SSD) |
sound |
ultrasound |
SSD | [see ⋱solid-state drive] |
standards |
protocols (there are also protocols that aren't standards) | [see "⋱protocol" for such other protocols] |
for communication between computing devices | [see ⋱communication⋱communication protocols for computing devices⋱protocols that are also standards⋱] |
for cryptocurrency |
Glacier protocol |
for cryptography |
Transport Layer Security (TLS) | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱Transport Layer Security] |
cf. protocols in §"Cryptocurrency-like mining to increase trust" |
security rating |
cybersecurity |
supercomputer |
systems |
collaborative development |
when used for auditing source code changes |
GitHub |
design |
design of cyber secure systems |
Too much of the book content is relevant here, for an exhaustive listing. |
cf. NCSC information |
design to destroy private key when tampering is detected |
security by pre-loaded private key |
properties |
bare bones | [roughly opposite of ..⋱"bells and whistles"] |
"bells and whistles" | [roughly opposite of ..⋱bare bones] |
blackbox |
system clone |
system encryption |
full-system encryption | [see ⋱cryptography, cryptographic⋱full-system encryption, full-disk encryption] |
system power states | [see ⋱powering computer systems⋱system power states] |
T |
tablet (tablet computer) |
tamper |
hardware tampering (cf. "USB devices vs. SD cards") |
tamper checking |
tamper evident, tamper evidence |
tampering attack | [computer security attack, see ⋱attack⋱different classes of attack] |
tape (for computer storage) | [see ⋱digital storage⋱Sequential-access Memory⋱tape] |
taste |
tea-bag marbled stained paper | [see ⋱paper⋱tea-bag marbled stained paper] |
tears (paper tears) |
telecom provider |
terminal for X Window System (display/input terminal) | [see ⋱server-client computing model⋱client⋱thin/fat clients⋱thin clients⋱X terminal] |
Tesco online printing (UK business) | [see ⋱business⋱online printing businesses] |
testing (testing for security authentication) |
quantum entanglement (analogy, in respect of testing one unit to determine properties of second unit) |
tethering (wired tethering) | [see ⋱wired tethering] |
text (text-message) | [related to ⋱language] | [see ⋱communication⋱text-message] |
tie-dye |
thin/fat clients | [see ⋱server-client computing model⋱client⋱thin/fat clients] |
thinking outside the box | [see ⋱mental⋱thinking outside the box] |
Thirty-third Chaos Communication Congress (33c3) | [see ⋱33rd Chaos Communication Congress] |
threat model (term complements "security level" term) |
time-based broad security principles (broad security principles) | [see ⋱broad security principles⋱time-based broad security principles] |
time window | [see ⋱window of time] |
time zone |
Transport Layer Security (TLS) (digital-cryptography based) | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱Transport Layer Security] | [related to ⋱communication⋱communication protocols for computing devices⋱protocols that are also standards⋱Hypertext Transfer Protocol Secure] |
TLS (Transport Layer Security) | [see ⋱cryptography, cryptographic⋱protocols and algorithms⋱public-key cryptography⋱Transport Layer Security] |
tokens for public-key cryptography | [see ⋱security tokens⋱security tokens for public-key cryptography] |
tools (software tools) | [see ⋱software tools, software utilities] |
transparency | [see ⋱optical effects] |
translucency | [see ⋱optical effects] |
Trusted Platform Module (TPM) |
tossing coin | [see ⋱random⋱generating randomness⋱coin tossing] |
TPM | [see ⋱Trusted Platform Module] |
TPM binding |
TPM sealing |
Trammell Hudson (principal developer of the Heads BIOS/UEFI boot firmware system) |
transit |
physical transit | [see ⋱physical transit] |
treasure map |
trustable hardware | [see ⋱hardware⋱trustable hardware] |
trusted recipient |
television (TV) |
T rays | [see ⋱physical properties⋱images⋱t rays] |
tripod |
TV | [see ⋱television] |
two-step security | [see ⋱2FA] |
two-factor authentication | [see ⋱2FA] |
tweaking |
U |
Unified Extensible Firmware Interface (UEFI) | [see ⋱boot⋱bootloader⋱first-stage boot loader] |
UEFI | [see ⋱Unified Extensible Firmware Interface] |
unicode | [see ⋱language⋱unicode] |
unrepeatable pattern |
Universal Serial Bus (USB, standard for computer peripheral communications) |
USB adapters |
USB connectors |
USB keyboard (computer keyboard) |
USB memory stick |
USB public-key-cryptography security token | [see ⋱security tokens⋱security tokens for public-key cryptography⋱USB tokens] |
USB | [see ⋱Universal Serial Bus] |
ultrasound | [see ⋱physical properties] |
ultraviolet | [see ⋱UV] |
United Kingdom | [see ⋱countries mentioned in book⋱United Kingdom] |
United States of America | [see ⋱countries mentioned in book⋱United States of America] |
unrepeatable patterns |
utilities (software utilities) | [see ⋱software tools⋱software utilities] |
UV (ultraviolet) |
UV pen |
UV security lamp |
UV protection glasses |
UV rays |
V |
virus (computer virus) |
antivirus software | [see ⋱antivirus software] |
<there is so much information relevant here, that it may not be possible to list all of it here.> |
visible spectrum |
visual display unit (computer screen) |
VDU | [see ⋱visual display unit] |
VDU signal interception attack | [see ⋱attack⋱different classes of attack] |
video |
mobile-phone video |
viewing angle | [see ⋱view restriction⋱viewing angle] |
view restriction |
cardboard "restricted viewing enclosure" |
viewing angle |
visual cognitive power | [see ⋱mental⋱cognitive power⋱visual cognitive power] |
visual encoding |
visual noise | [see ⋱noise⋱visual noise] |
visible spectrum (of light) |
visual occlusion | [see ⋱occlusion] (cf. occlude) |
visual inspection |
volume (space in 3D) | [see ⋱physical properties] |
W |
water |
submerging in water |
electronics |
water-proof container |
water-proof container |
weak currency | [see ⋱financial⋱currency⋱weak currency] |
web client computers | [see ⋱server-client computing model⋱client⋱web client computers] |
web/internet browser |
Chrome internet browser |
websites referenced in book |
https://www.ncsc.gov.uk/ |
Wikipedia |
... |
website publishing |
weight | [see ⋱physical properties] |
weighing scales | [see ⋱physical properties] |
white-on-white text | [see ⋱steganography⋱white-on-white text] |
Wikimedia Foundation | [see ⋱Wikipedia⋱owner of Wikipedia⋱Wikimedia Foundation] |
Wikipedia |
Wikipedia |
owner of Wikipedia |
Wikimedia Foundation | [see ⋱organisations and businesses⋱names of non-business organisations⋱Wikimedia Foundation] |
WiFi | [see ⋱communication⋱wireless communication⋱types⋱WiFi] |
window of time |
attack window | [see ⋱attack⋱attack window] |
using most secure window of time (broad security principle) | [see ⋱broad security principles⋱time-based broad security principles⋱using most secure window of time] |
Windows (OS) | [see ⋱operating system⋱different operating systems] |
Wine Is Not an Emulator (Windows emulator for Unix-like operating systems) | [see ⋱emulator] |
Wine | [see ⋱Wine Is Not an Emulator] |
wired |
wired connection |
wired tethering |
wireless |
wireless communication | [see ⋱communication⋱wireless communication] |
wireless router |
word symbol | [see ⋱language⋱word symbol] |
writing optical discs | [see ⋱hardware⋱drives and readers⋱optical disc drive⋱optical disc writers⋱writing optical discs] |
"write once" optical media |
X |
X terminal (display/input terminal for X Window System client applications) | [see ⋱server-client computing model⋱client⋱thin/fat clients⋱thin clients⋱X terminal] |
X ray | [see ⋱physical properties⋱image⋱X ray] |
Y |
Yubico and Yubikey brands of USB security tokens | [see ⋱security tokens⋱security tokens for public-key cryptography⋱USB tokens⋱brands⋱Yubikey, Yubico] |
Z |
zero-knowledge authentication protocol | [see ⋱protocol] |
Foreword to first version |
This book was first produced in response to a computer hacking incident encountered during 2020 by the author of the first version of this book, in the course of his being a self-employed software developer. He had already adopted some security measures but then felt he really needed an overhaul of the security measures and systems he had in place.
This book is aimed specifically at individuals, sole traders, and small businesses, bearing in mind that they may have shoestring budgets.
It was the author's belief that end-user security was a real issue of concern because the mindsets of security specialists often seemed attuned to examining and proposing solutions within rigid frameworks: for example, looking only at software security risks while completely ignoring the physical aspects of everyday nuts-and-bolts security. A certain ability to think "outside the box", and outside one's own specialised domain, is needed. As such, security is really a multidisciplinary field, requiring the creativity of people from all walks of life.
There is special concern for the highlighted entities (individuals, sole traders, and small businesses), because of their being prone to attack due to budget constraints, and a lack of other important resources.
The author of the first version of the book places his contributions into the public domain (the author's Google Drive version hosted here [minus the Google Docs comments] will always be in the public domain). He feels that end-user security is so important that intellectual property obstacles should be removed as much as possible, so as to enable everyday users to undertake computing activities safely. This is especially of concern at the time of writing, during the 2020 COVID-19 worldwide outbreak, when individuals are being called upon in great numbers to work remotely and also to socialise and conduct recreational activities using computing devices.
The increasing consumer use of cryptocurrencies is another reason why a work like this is important.
The author only asks in return that you, if possible, do the following:
- Amend this work to fix mistakes.
- Add comments indicating your level of agreement or disagreement with different parts that you read/review.
- Improve it in other ways.
Please note that because using your contributions might require that you grant copyright permission for such, it is mostly preferred that you make your contributions to the Wikibooks version of this book[1].
Footnotes
1. If you are only pointing out mistakes, or giving quantitative measurements of your agreement/disagreement with parts of this book, copyright permission probably won't be required.